Using IWA with browser clients - PingOne for Enterprise

PingOne for Enterprise

PingOne for Enterprise
PingOne for Enterprise

You can enable your users' browser clients for seamless SSO with AD Connect using Integrated Windows authentication (IWA).

Before you begin

Ensure that:

  1. Your AD Connect configuration in PingOne for Enterprise has an Authentication Type value of Integrated. This authentication type uses Integrated Windows Authentication (IWA).
  2. Port 80 is open for use by AD Connect.
  3. The browser clients for your users have the AD Connect host listed as a trusted site.

Click the corresponding tabs for instructions on adding trusted sites to Google Chrome, Microsoft Edge, and Mozilla Firefox.

Adding trusted sites to Chrome

  1. In Chrome, go to Settings > Privacy and Security.
  2. Click Third-party Cookies.
  3. Click Add.
  4. In the Site field, enter the host name of the AD Connect host.
  5. Click Add.

Adding trusted sites to Edge

  1. In Windows, open the Control Panel.
  2. Go to Network and Internet > Internet Options.
  3. In the Internet Properties window, go to Security > Trusted Sites > Sites.
  4. In the Add this website to the zone field, enter the host name of the AD Connect host.
  5. Click Add, then click Close.

Adding trusted sites for Firefox

  1. In Firefox, enter about:config in the URL address bar.
  2. Click Accept the Risk and Continue.
  3. In the Search bar, enter network.negotiate.
  4. Click the Pencil icon for network.negotiate-auth.trusted-uris.
  5. In the field that opens, enter the host name of the AD Connect host.
  6. Click the Save icon.

The name of the AD Connect host is displayed as the value of network.negotiate-auth.trusted-uris.