Fork me on GitHub
Teleport

Single Sign-On with Active Directory Federation Services

Improve

This guide will explain how to configure Active Directory Federation Services (ADFS) to be a single sign-on (SSO) provider to issue SSH credentials to specific groups of users. When used in combination with role based access control (RBAC), it allows SSH administrators to define policies like:

  • Only members of "DBA" group can SSH into machines running PostgreSQL.
  • Developers must never SSH into production servers.
  • ... and many others.

This guide requires Teleport Cloud or Teleport Enterprise.

View this guide as the user of another Teleport edition: