Tree Node for Windows Desktop SSO

This topic has 2 replies, 1 voice, and was last updated 1 month, 2 weeks ago by david.bate.

  • Author
  • #23187

    Hi all,

    I know that Access Manager can do Windows Integrated Authentication AKA Windows Desktop SSO with an apropriate Chain.
    I was searching for a Node in the Authentication Trees which would do the same, but couldn’t find anything yet.
    Am I blind or is this not yet ported to the new Tree Concept?
    I also coun’t find anything in the Node Marketplace

    Thanks for your help


    I believe that WDSSO/Kerberos via Trees will be included in later releases. But it would be pretty trivial to leverage WDSSO in chains and then perform a successful redirect to trees on completion (making sure the auth level’s between the chain and tree are different of course).

    From this knowledge article:

    Linking a chain to a tree

    An intermediate step when migrating chains to trees might be to spread the authentication journey between the two worlds.

    A situation may arise where custom authentication logic is held in a module, which cannot immediately be replicated within a node, or perhaps more complex adaptive steps available within trees need to augment basic chain-based authentication.

    A simple way to overcome this is to start authentication in a chain before finishing authentication within a tree.

    Within the authentication chain, specify the Successful Login URL to the URL of the necessary tree


    New answer… use the Windows Desktop SSO Auth Tree Node:


Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?