问题描述

我在ADFS 3.0（Windows Server 2012 R2）中将RSA设置为多因素身份验证。我有2个"索赔提供商信托"：

I have setup RSA as multi factor authentication in ADFS 3.0 (windows server 2012 R2). I have 2 "Claims Provider Trust":

1。 Active Directory（所以我可以使用Windows凭据登录）

1. Active Directory (so I can log in using windows credentials)

2。 Thinktecture Identity Server（因此我域外的用户可以使用提供的用户名/密码登录）

2. Thinktecture Identity Server (so users from outside of my domain can log in with provided username/passwords)

当我使用Active Directory作为身份提供者登录ADFS时，系统会提示我输入安全代码（这是预期的行为）。但是，当我使用第三方身份提供程序登录时，我已通过身份验证并重定向到依赖方应用程序。
我原以为多因素身份验证适用于所有声明提供程序信任。

When I login to the ADFS using Active Directory as identity provider I am prompted for Security Code (which is the expected behavior). However when I log in using a third party identity provider, I am authenticated and redirected to relying party application. I was expecting that multi-factor authentication would work for all Claims Provider Trusts.

在多因素身份验证全局设置中指定外部网和内部网都需要MFA。不知道为什么它不适用于Active Directory以外的身份提供者。

In Multi-Factor authentication global settings specified that MFA is required for both extranet and intranet. Any idea why it does not work for identity provider other than Active Directory.

推荐答案

这篇关于ADFS 3.0多重身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！