Workforce Docs
SDKWorkforceEnd User GuideSupport
Searchโ€ฆ
๐Ÿ‘‹
Welcome
๐Ÿ”‘
Why Go Passwordless?
๐Ÿ“ข
Internal Communication
๐ŸŽง
Helpdesk Onboarding
Identity and Access Mgmnt
Okta
AWS Cognito
ForgeRock
Auth0
OneLogin
Ping Identity
Microsoft ADFS
Prerequisites
Integration
Authentication
Troubleshooting
Salesforce
Extensions
RADIUS
Workstation
Windows Login
RDP Access
VDI Access
VPN
Fortinet FortiClient
Palo Alto Networks GlobalProtect
OpenVPN
Check Point VPN
Powered By GitBook
Troubleshooting
Common issues and solutions for Keyless and ADFS integration.

I am unable to add the Relying Party Trust to my ADFS.

Please confirm that you are able to reach https://<customer>-registration.keyless.technology/metadata/ from your network, where <customer> is the domain given to you by Keyless.

I want to restrict access to Keyless only to a specific group in Active Directory.

  1. 1.
    Select the <customer>-registration.keyless.technology โ€˜Relying Party Trustโ€™ in ADFS
  2. 2.
    Click on โ€˜Edit Access Control Policy'
  3. 3.
    Select โ€˜Permit specific group'

Other authentication options are offered to users in ADFS during account linking OR you would like to ensure that โ€˜Active Directoryโ€™ is the only option available to users in ADFS for Keyless Account Linking.

Please open PowerShell as administrator on your ADFS and enter this command:
Set-AdfsRelyingPartyTrust -TargetName <customer>-registration.keyless.technology -ClaimsProviderName @("Active Directoryโ€)
On the ADFS โ€˜Home Realm Discoveryโ€™ screen, the browser on usersโ€™ devices may cache the list of login options. Clearing the cookies in the browser solves the problem.
Previous
Authentication
Next - Identity and Access Mgmnt
Salesforce
Last modified 1yr ago
Export as PDF
Copy link
Outline
I am unable to add the Relying Party Trust to my ADFS.
I want to restrict access to Keyless only to a specific group in Active Directory.
Other authentication options are offered to users in ADFS during account linking OR you would like to ensure that โ€˜Active Directoryโ€™ is the only option available to users in ADFS for Keyless Account Linking.