Scenario 2: Federated authentication: TotalAgility on-premise and AD over the Internet

The following diagram describes claims-based authentication where TotalAgility on-premise uses federated security to authenticate with a remote on-premise installation of Windows Server AD FS 2.0.

This authentication works because AD FS can be exposed over the Internet via HTTPS and, unlike Windows authentication, does not require VPN access.

Claims-based authentication - TotalAgility on-premise and AD over the internet

1. The Client accesses TotalAgility.

2. Windows Server AD with AD FS 2.0 provides an STS that authenticates the Client and returns a claims token.

3. Windows Server AD submits the claims token to TotalAgility via the Client.

4. TotalAgility uses the token issued by the STS and extracts the claims from the token.
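
The checks a relying party makes before trusting the claims in step four, as an added example that is not TotalAgility's own code. It assumes the token is a SAML 1.1 assertion (the AD FS 2.0 default for WS-Federation sign-in), already unwrapped from the sign-in response and with its XML signature already verified against the AD FS token-signing certificate. The names ISSUER, AUDIENCE, extract_claims and TokenRejected are hypothetical.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

SAML11 = {"saml": "urn:oasis:names:tc:SAML:1.0:assertion"}
# Constructed sample data: issuer, audience and assertion are assumed values;
# Subject and Signature are omitted from the sample.
ISSUER = "http://adfs.example.test/adfs/services/trust"
AUDIENCE = "https://ta.example.test/TotalAgility/"
SAMPLE = f"""<saml:Assertion xmlns:saml="{SAML11['saml']}" Issuer="{ISSUER}"
  AssertionID="_constructed-1" IssueInstant="2024-01-01T12:00:00.000Z">
 <saml:Conditions NotBefore="2024-01-01T12:00:00.000Z" NotOnOrAfter="2024-01-01T13:00:00.000Z">
  <saml:AudienceRestrictionCondition><saml:Audience>{AUDIENCE}</saml:Audience>
  </saml:AudienceRestrictionCondition></saml:Conditions>
 <saml:AttributeStatement>
  <saml:Attribute AttributeName="emailaddress"
    AttributeNamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims">
   <saml:AttributeValue>alice@example.test</saml:AttributeValue>
  </saml:Attribute>
 </saml:AttributeStatement>
</saml:Assertion>"""

class TokenRejected(Exception):
    """The token failed a relying-party check and must not be trusted."""

def _utc(value):
    try:
        return datetime.fromisoformat(value.replace("Z", "+00:00")).astimezone(timezone.utc)
    except (AttributeError, ValueError):
        raise TokenRejected("missing or malformed timestamp") from None

def extract_claims(xml_text, issuer, audience, now):
    """Check issuer, validity window and audience, then return the claims
    as {claim type URI: [values]}. Signature verification is a precondition."""
    a = ET.fromstring(xml_text)
    if a.tag != "{%s}Assertion" % SAML11["saml"] or a.get("Issuer") != issuer:
        raise TokenRejected("not a SAML 1.1 assertion from the expected issuer")
    cond = a.find("saml:Conditions", SAML11)
    if cond is None or not (_utc(cond.get("NotBefore")) <= now < _utc(cond.get("NotOnOrAfter"))):
        raise TokenRejected("missing conditions or outside validity window")
    path = "saml:AudienceRestrictionCondition/saml:Audience"
    if audience not in [(e.text or "").strip() for e in cond.findall(path, SAML11)]:
        raise TokenRejected("issued for a different relying party")
    claims = {}
    for attr in a.findall("saml:AttributeStatement/saml:Attribute", SAML11):
        ctype = f'{attr.get("AttributeNamespace")}/{attr.get("AttributeName")}'
        values = [v.text for v in attr.findall("saml:AttributeValue", SAML11)]
        claims.setdefault(ctype, []).extend(values)
    return claims
```

The audience check is what stops a token issued for another relying party of the same AD FS instance from being accepted here.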