user3388989

Reputation: 91

What is a relying party trust in ADFS?

Can someone explain what a relying party trust is? I am configuring IFD for CRM but I cannot find basic information on what a relying party is and what it does.

Upvotes: 9

Views: 25311

Answers (2)

AdamV

Reputation: 1467

The way I would describe this is that CRM is the relying party; it is relying on ADFS to check the claims that are made ("I claim that I am userX"). In ADFS you configure a relying party trust to tell ADFS where it can expect claims to come from - it will trust the relying party so that when a user is authenticated they can be redirected back to that application (you don't want to give a user a token to present to an application you do not trust).

Upvotes: 18

rbrayb

Reputation: 46753

ADFS allows federation, which comprises two sides, viz. the IDP (Claims Provider) (the owner of the identity repository - in this case AD) and the RP (Relying Party), which is another STS or application that wishes to outsource authentication to the IDP.

Trusts are handled via certificates based on the ownership of private keys, e.g. SAML tokens are signed by the IDP.

So the RP trust is the trust between the RP and the IDP - a token signed by the IDP must originate from the IDP and therefore the claims inside the token can be trusted.

Upvotes: 7
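
Added example, not part of either answer and not Microsoft's CRM setup script: a PowerShell sketch of what a relying party trust looks like on the AD FS side, first creating one from an application's federation metadata and then listing what every configured trust allows. The trust name, the metadata URL and the single UPN rule are constructed placeholders.

```powershell
# Run on an AD FS server. All names and URLs below are constructed placeholders,
# not values taken from the question.
Import-Module ADFS

$rpName      = 'CRM IFD (example)'
$metadataUrl = 'https://auth.crm.example.com/FederationMetadata/2007-06/FederationMetadata.xml'

# Illustrative issuance rule (assumption): pass the user's UPN claim to the RP.
$rules = @'
@RuleName = "Pass through UPN"
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"]
 => issue(claim = c);
'@

# The trust tells AD FS which application it may issue tokens to. Importing the
# metadata fills in the RP's identifiers, endpoints and certificates.
# Who may receive a token (authorization rules or an access control policy,
# depending on the AD FS version) is configured separately and omitted here.
if (-not (Get-AdfsRelyingPartyTrust -Name $rpName)) {
    Add-AdfsRelyingPartyTrust -Name $rpName -MetadataUrl $metadataUrl `
        -IssuanceTransformRules $rules
}

# Review every trust: where tokens are sent, how they are signed, and whether
# the trust can change itself by re-reading the RP's metadata.
Get-AdfsRelyingPartyTrust | ForEach-Object {
    $endpoint = "$($_.WSFedEndpoint)"
    [pscustomobject]@{
        Name             = $_.Name
        Enabled          = $_.Enabled
        Identifiers      = $_.Identifier -join ', '
        WSFedEndpoint    = $endpoint
        # Tokens should only ever be redirected to an HTTPS endpoint.
        NonHttpsEndpoint = ($endpoint -ne '' -and $endpoint -notlike 'https://*')
        SignatureAlg     = $_.SignatureAlgorithm
        TokenEncrypted   = [bool]$_.EncryptionCertificate
        AutoUpdate       = $_.AutoUpdateEnabled
        RuleCount        = ([regex]::Matches("$($_.IssuanceTransformRules)", '=>')).Count
    }
} | Format-Table -AutoSize
```

Each row is one application AD FS is willing to hand signed tokens to; an unexpected identifier, a non-HTTPS endpoint or an unfamiliar trust name is worth investigating.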
