After configuring VMware Workspace ONE Access as the claims provider and AD FS as the service provider, you can test the SP-initiated authentication flow with an AD FS-federated application. A successful configuration allows you to use VMware Workspace ONE Access to authenticate access to an AD FS-federated application.
Use the following procedure to test the SP-initiated authentication flow with an AD FS-federated application. For more information about authentication flows, see IdP-initiated and SP-Initiated Authentication Flows.
- Open a private browsing session (a good practice when testing federated authentication) on your computer browser.
- Navigate to the login portal for an AD FS-federated application (for example, https://login.microsoftonline.com for Office 365).
- Enter the user name of a user residing in the AD FS-federated domain.
Verify that the application portal redirects you to the AD FS Home Realm Discovery page, which presents VMware Workspace ONE Access as an authentication option.
Note: The VMware Workspace ONE Access authentication option uses the Display Name that you specified during the Claims Provider configuration. For more information, see Add VMware Workspace ONE Access as a Claims Provider for AD FS.
- Select the option to authenticate with VMware Workspace ONE Access.
Verify that AD FS redirects you to the Workspace ONE login page.
- Enter the credentials of a user entitled to this resource.
Verify that VMware Workspace ONE Access successfully authenticates you into the application portal.