ADFS – Single Sign On with automatic Login on Edge Browser

Today I would like to share my experience when it comes to adding a user agent (e.g. a browser) to the list of Single Sign-On capable applications. There is quite a good article from Microsoft that describes how to add a user agent to the ADFS configuration; you will find this article here:
https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configure-intranet-forms-based-authentication-for-devices-that-do-not-support-wia

But when it comes to the new Microsoft browser named Edge, or other newer browsers, the article isn’t that helpful: it does not provide newer user agent strings, nor does it explain how you can get those user agent strings. I found other articles which state that you should add Edge/12 to the user agent list, but this did not achieve SSO on my Windows 10 1703 (Creators Update). So I tried to figure out where I can find the information about the user agent from the client which wants to log in. And I found the information within the Security log of the ADFS server:

So I used the following PowerShell command to add the user agent “Edge/15” to the list:
Set-ADFSProperties -WIASupportedUserAgents (((Get-ADFSProperties).WIASupportedUserAgents)+'Edge/15')
And after a restart of the ADFS service, Edge authenticated me without asking for my password.
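
The same change as a guarded script, added here as an example and not part of the original post: it checks that the token really occurs in the captured User-Agent (the check that would have flagged Edge/12), skips the change if an existing entry already matches, saves the old list, then updates and restarts. The sample User-Agent string is constructed, the backup path is hypothetical, and substring matching and the service name adfssrv are assumptions.

```powershell
# Added example (not from the original post). Run elevated on the AD FS server.
# Constructed sample: replace with the User-Agent string taken from your own Security log.
$CapturedUserAgent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063'
$NewToken   = 'Edge/15'
$BackupPath = Join-Path $env:TEMP 'WIASupportedUserAgents.backup.txt'   # hypothetical location

function Get-MatchingWiaToken {
    param([string]$UserAgent, [string[]]$Tokens)
    # Assumption: an entry matches when it occurs as a substring of the User-Agent header.
    $Tokens | Where-Object { $_ -and $UserAgent.Contains($_) }
}

# Current list of user agents for which AD FS attempts Windows Integrated Authentication.
$current  = @((Get-AdfsProperties).WIASupportedUserAgents)
$matching = @(Get-MatchingWiaToken -UserAgent $CapturedUserAgent -Tokens $current)

if ($matching.Count -gt 0) {
    # An existing entry already covers this browser; the SSO problem lies elsewhere.
    Write-Output "Already covered by: $($matching -join ', '). No change made."
}
elseif (-not $CapturedUserAgent.Contains($NewToken)) {
    # Catches the 'Edge/12' case: a token that never appears in what the client sends.
    Write-Warning "'$NewToken' does not occur in the captured User-Agent; adding it would not help."
}
else {
    # Keep the previous list so the change can be rolled back with Set-AdfsProperties.
    $current | Set-Content -Path $BackupPath

    Set-AdfsProperties -WIASupportedUserAgents ($current + $NewToken)

    # The post restarts the AD FS service after the change; 'adfssrv' is assumed to be its name.
    Restart-Service -Name adfssrv

    # Confirm the token is now part of the stored configuration.
    if ((Get-AdfsProperties).WIASupportedUserAgents -contains $NewToken) {
        Write-Output "Added '$NewToken'. Previous list saved to $BackupPath."
    }
    else {
        Write-Warning "'$NewToken' is not in the list after the update; check the AD FS configuration."
    }
}
```

Prefer a token as specific as the browser and major version, as in the post: a broad entry makes AD FS attempt integrated authentication for every client whose User-Agent contains it.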

Hope this helps
