CANARIE is pleased to announce the addition of ADFSToolkit functionality to the Canadian Access Federation (CAF) Federated Identity Management (FIM) service. CANARIE and its partners have been working on a set of tools to augment existing ADFS Identity Provider installations. This set of tools is published by CANARIE as a Powershell module called ADFSToolkit, in the Powershell Gallery hosted by Microsoft. The toolkit allows an existing ADFS Identity Provider to have an additional option for participation in the FIM service.
The key items enabled by the ADFSToolkit are:
- Retrieval and signature verification of the CAF FIM service trust records
- Ingestion of the entities into ADFS using the one-at-a-time trust relationship paradigm
- Automatic setting of attribute release policies for entity categories
- Site-specific additions of attribute releases on a per service basis
- Ability to set a scheduled job to keep current with the CAF FIM service trust records on an hourly basis
- Ability to better diagnose problems
If you have any questions regarding the ADFSToolKit and how it impacts your CAF and FIM services, please message us at firstname.lastname@example.org.