Skip to main content

Cannot use Single Sign On (SSO) when using ADFS in Federated Security

Article # 3046607 - Page views: 133


When integrating KTA with ADFS via Federated Security, it is not possible to use SSO i.e. logon without having to provide the username/password.  The only option is to enter the ADFS username/password when logging into KTA. 



This will occur when using the SAML endpoints for ADFS.  KTA will send the SAML request to ADFS using an Authentication Context class defined by OASIS (here) for the SAML 2.0 specification. 

Microsoft has their own augmented implementation of SAML 2.0 that supports Windows Integrated Authentication (WIA) being passed as an Authentication Context.  This does not comply with the standard defined by OASIS.  



As WIA is not defined as an Authentication Context class by OASIS, KTA does not support it.  There are currently plans to have this added in a later release.


Level of Complexity 



Applies to  

Product Version Build Environment Hardware
KTA ALL      


Add any references to other internal or external articles


Conditional content (Pro member)


Article # 3046607
  • Was this article helpful?