Show/Hide Toolbars

Thereforeā„¢ Help

Tutorials > Solution Designer > Access > Authentication > External User Directories > AD FS (OIDC) > AD FS Server Configuration

Creating an Application Group

Scroll

Thereforeā„¢ Generic OIDC authentication via AD FS requires creating an Application Group on the AD FS server. Please follow the steps below to create the Application Group.

 

1. Select 'Application Groups' in the AD FS tree view. Click 'Add Application Groupā€¦' in the Actions pane.

sd_t_authmeth_adfs_001

2. Type in the desired name for the Application Group. Select 'Web browser accessing a web application' and click 'Next'.

sd_t_authmeth_adfs_002

3. Add the Redirect URI for the Thereforeā„¢ Web Application and then press 'Next'. For Thereforeā„¢ On-Premise this has to be the URL of your web server. Usually, it would follow the pattern shown below. Here, company.domain.name has to be replaced with the actual domain or server name:

 

 https://company.domain.name/twa/signin

 

To enable OIDC authentication for Thereforeā„¢ installed clients such as the Thereforeā„¢ Navigator two more URLs need to be added, as shown in the screenshot below. These URLs can also be added later.

 

 http://127.0.0.1:64957/redirect

 http://localhost:64957/redirect

 

sd_t_authmeth_adfs_004

4. The next step involves choosing the access control policy for this application. For additional information about Access Control Policy templates and creating customized templates the relevant Microsoft documentation provides a detailed description. Click 'Next' to continue.

 

sd_t_authmeth_adfs_005

5. Check the information displayed on the summary page. Click 'Next' to confirm.

 

sd_t_authmeth_adfs_006

This concludes creating an application group. Click here for the tutorial on setting the necessary Client Permissions.