Set-CsOAuthConfiguraiton -ClientAuthorizationOAuthServerIdentity Resolution Note The following Skype for Business PowerShell cmdlets must be run to enable OAuth sign-in:New-CsOAuthServer -Identity -Type adfs -MetadataUrl Implements handling of PrimarySID claim in OAuth tokens to cater to resource forest deployment scenarios that other claims (UPN, SIP, email) aren't available for or to match the data that's stored in the resource forest.īlocks fewer desktop client versions from using Active Directory Authentication Library (ADAL) for on-premises sign-in. If forms-based authentication or MFA is enabled on ADFS, it starts an Internet Explorer frame and prompts for credentials. The -AuthenticationMethod parameter has new OAuthInteractive value. OAuth interactive (forms-based authentication or Multi-factor authentication ) sign-in by running the Test-CsRegistration cmdlet. Note OAuth is a standard protocol that's used for server-to-server authentication and authorization.Īfter you install this update, OAuth integration with ADFS is supported. This update enables Active Directory Federation Services (ADFS) 3.0 support for Open Authentication (OAuth) tokens in a Microsoft Skype for Business Server 2015 environment.
