Troubleshooting

Common issues and solutions for Keyless and AD FS integration.

I am unable to add the Relying Party Trust to my AD FS

Please confirm that you are able to reach https://<customer>-registration.keyless.technology/metadata/ from your network, where <customer> is the domain given to you by Keyless.

I want to restrict access to Keyless only to a specific group in Active Directory

Select the customer>-registration.keyless.technology ‘Relying Party Trust’ in AD FS
Click on 'Edit Access Control Policy'
Select ‘Permit specific group'

Ensure that ‘Active Directory’ is the only option available to users in AD FS for Keyless Account Linking

Oopen PowerShell as administrator on your AD FS and enter this command:

Set-AdfsRelyingPartyTrust -TargetName <customer>-registration.keyless.technology -ClaimsProviderName @("Active Directory”)

On the AD FS ‘Home Realm Discovery’ screen, the browser on users’ devices may cache the list of login options. Clearing the cookies in the browser solves the problem.

Last updated 2 months ago