Kofax

Cannot use Single Sign On (SSO) when using ADFS in Federated Security

Article # 3046607

Issue

When integrating KTA with ADFS via Federated Security, it is not possible to use SSO, i.e. to log on without having to provide the username/password. The only option is to enter the ADFS username/password when logging into KTA.

 

Cause

This occurs when using the SAML endpoints for ADFS. KTA sends the SAML request to ADFS using an Authentication Context class defined by OASIS for the SAML 2.0 specification.

Microsoft has its own augmented implementation of SAML 2.0 that supports Windows Integrated Authentication (WIA) being passed as an Authentication Context. This extension does not comply with the standard defined by OASIS.
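
To check which Authentication Context class a SAML request asks for, the SAMLRequest parameter of the browser redirect to ADFS can be decoded and inspected. The following is an added example, not Kofax or Microsoft code: the request is constructed, PasswordProtectedTransport is an assumed class (the article does not say which class KTA sends), and urn:federation:authentication:windows is the identifier AD FS uses for WIA. The input is expected to be URL-decoded already.

```python
import base64
import zlib
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
OASIS_PREFIX = "urn:oasis:names:tc:SAML:2.0:ac:classes:"
ADFS_WIA = "urn:federation:authentication:windows"  # AD FS identifier, not an OASIS class


def encode_redirect(xml_text):
    """Encode XML as the HTTP-Redirect binding does: raw DEFLATE, then base64."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(comp.compress(xml_text.encode()) + comp.flush()).decode()


def classify(class_ref):
    """Prefix check only: 'oasis' means the URN is in the OASIS class namespace."""
    if class_ref.startswith(OASIS_PREFIX):
        return "oasis"
    return "adfs-wia" if class_ref == ADFS_WIA else "other"


def requested_contexts(saml_request_b64):
    """Return (comparison, [(class_ref, origin), ...]); (None, []) if unconstrained."""
    root = ET.fromstring(zlib.decompress(base64.b64decode(saml_request_b64), -15))
    rac = root.find("samlp:RequestedAuthnContext", NS)
    if rac is None:
        return None, []
    refs = [(el.text or "").strip() for el in rac.findall("saml:AuthnContextClassRef", NS)]
    # Comparison defaults to "exact" when the attribute is absent (SAML 2.0 core).
    return rac.get("Comparison", "exact"), [(r, classify(r)) for r in refs]


def build_sample(class_ref):
    """Constructed AuthnRequest for illustration; not captured from KTA."""
    return ('<samlp:AuthnRequest xmlns:samlp="%s" xmlns:saml="%s" ID="_constructed1" '
            'Version="2.0" IssueInstant="2020-01-01T00:00:00Z">'
            '<samlp:RequestedAuthnContext><saml:AuthnContextClassRef>%s'
            '</saml:AuthnContextClassRef></samlp:RequestedAuthnContext>'
            '</samlp:AuthnRequest>' % (NS["samlp"], NS["saml"], class_ref))


if __name__ == "__main__":
    for ref in (OASIS_PREFIX + "PasswordProtectedTransport", ADFS_WIA):
        print(requested_contexts(encode_redirect(build_sample(ref))))
```

A request whose class is reported as "oasis" with Comparison "exact" matches the behaviour described under Cause: the identity provider is asked for that specific class rather than WIA.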

 

Solution

As WIA is not defined as an Authentication Context class by OASIS, KTA does not support it.  There are currently plans to have this added in a later release.

 

Level of Complexity 

Moderate

 

Applies to  

| Product | Version | Build | Environment | Hardware |
|---------|---------|-------|-------------|----------|
| KTA     | ALL     |       |             |          |
