In conjunction with a RadiantOne virtual directory, CFS provides a complete identity provider out of the box. The RadiantOne Cloud Federation Service:
- Acts as a complete Security Token Service (STS).
- Builds claims based on attributes culled from all identity sources, including AD, LDAP directories, databases, and applications.
- Allows users in any AD domain and forest to be authenticated using Windows Integrated Authentication, so users can leverage their AD credentials for non-Microsoft applications and achieve SSO.
- Provides template mappings for cloud applications such as Google Apps, Salesforce, SharePoint 2010, and Webex—with more applications to be added.
- Configured to trust additional external identity providers supporting Windows Azure ACS.
- Supports multiple authentication systems, including form-based, certificate, AD domains and forest, RSA SecurID, and other trusted IdPs.
- Delivers SSO both inside and outside the firewall, so users can sign on securely from remote locations and still access all their applications.