PowerShell Universal
DownloadsIssuesDiscordForums
v1
v1
  • About
  • Get Started
    • Additional Resources
    • Installation
      • Docker
      • Upgrading
    • Licensing
    • System Requirements
    • Supported Browsers
    • Visual Studio Code Extension
  • Cmdlet Help
  • Examples
    • Active Directory
    • Hyper-V
    • Image Processing
    • Monitoring
    • PowerShell Protect
    • Slack
    • SQL
  • API
    • About
    • Development
    • Endpoints
    • Security
    • Error Handling
    • Rate Limiting
  • Automation
    • About
    • Development
    • Scripts
      • Parameters
    • Jobs
    • Schedules
    • Triggers
    • Variables
  • Dashboard
    • About
    • Development
    • Dashboards
      • Migrating From Universal Dashboard 2.9
      • Building Dashboards
      • Custom Variable Scopes
    • Frameworks
    • Components
      • Pages
      • Dynamic Regions
      • Element
      • Error Boundary
      • HTML
      • Building Custom Components
      • Data Display
        • Alert
        • Chip
        • Date and Time
        • Icon
        • List
        • Table
        • Tree View
        • Typography
      • Data Visualization
        • Charts
        • Map
      • Feedback
        • Backdrop
        • Modal
        • Progress
        • Skeleton
      • Inputs
        • Autocomplete
        • Button
        • Checkbox
        • Code Editor
        • Date Picker
        • Floating Action Button
        • Form
        • Radio
        • Select
        • Slider
        • Switch
        • Textbox
        • Time Picker
        • Upload
      • Navigation
        • Drawer
        • Stepper
        • Tabs
      • Layout
        • Grid Layout
        • Grid
        • Hidden
      • Utilities
        • Transitions
      • Surfaces
        • AppBar
        • Card
        • Paper
        • Expansion Panel
    • Interaction
    • Published Folders
    • Themes
      • Cascading Style Sheets
      • Styles
    • Scheduled Endpoints
    • Role Based Access
    • Marketplace
  • Platform
    • Cache
    • Monitoring
  • Configuration
    • About
    • API
    • Environments
    • Hosting
      • IIS
      • Single-File
    • Login Page
    • Management API
    • Settings
    • Security
      • App Tokens
      • OpenID Connect
      • WS-Federation
    • Running as a Service Account
    • Git
  • Debugging
    • Logging
    • Debugging Scripts
  • Changelog
  • Extension Changelog
  • Legacy Universal Dashboard Docs
Powered by GitBook

PowerShell Universal

  • Downloads
  • Pricing
  • Gallery

Community

  • Issues
  • Forums
  • Discord

Support

  • Portal
  • Knowledgebase

Copyright 2025 Ironman Software

On this page
  • Configuring ADFS for Universal
  • Service Settings
  • Relying Parties
  • Configuring For Azure Active Directory
  • Configuring Universal

Was this helpful?

Edit on Git
Export as PDF
  1. Configuration
  2. Security

WS-Federation

PreviousOpenID ConnectNextRunning as a Service Account

Last updated 4 years ago

Was this helpful?

WS-Federation supports both Active Directory Federation Services and Azure Active Directory.

You first need to configure ADFS or AzureAD to support Universal.

Configuring ADFS for Universal

Service Settings

These are the current Federation Service settings for our domain.

Relying Parties

You need to configure the following Relying Parties settings for Universal. On the Identifiers tab, provide the URL to the Universal website. HTTPS is required.

On the Endpoints tab. You'll need to include a WS-Federation Passive Endpoint. Make sure to include the trailing slash.

You can configure additional claims you'd like to use if you are using policies in Universal.

Configuring For Azure Active Directory

Configuring Universal

Here is an example of how to update the appsettings.json file to accommodate the correct settings for WS-Federation.

{
  "Kestrel": {
    "Endpoints": {
      "HTTP": {
        "Url": "http://*:5000"
      }
    },
    "RedirectToHttps": "false"
  },
  "ApplicationInsights": {
    "InstrumentationKey": ""
  },
  "Logging": {
    "Path": "%PROGRAMDATA%/PowerShellUniversal/log.txt",
    "RetainedFileCountLimit": 31,
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },
  "AllowedHosts": "*",
  "CorsHosts": "",
  "Data": {
    "RepositoryPath": "%ProgramData%\\UniversalAutomation\\Repository",
    "ConnectionString": "%ProgramData%\\UniversalAutomation\\database.db",
    "GitRemote": "",
    "GitUserName": "",
    "GitPassword": "", 
    "ConfigurationScript": ""
  },
  "Api": {
    "Url": ""
  },
  "Authentication" : {
    "Windows": {
      "Enabled": "false"
    },
    "WSFed": {
        "Enabled": "true",
        "MetadataAddress": "https://ironman.local:443/FederationMetadata/2007-06/FederationMetadata.xml",
        "Wtrealm": "https://ironman.local:12345",
        "CallbackPath": "/auth/signin-wsfed"
    },
    "OIDC": {
      "Enabled": "false",
      "CallbackPath": "/auth/signin-oidc",
      "ClientID": "",
      "ClientSecret": "",
      "Resource": "",
      "Authority": "",
      "ResponseType": "",
      "SaveTokens": "false"
    },
    "SessionTimeout": "25"
  },
  "Jwt": {  
    "SigningKey": "PleaseUseYourOwnSigningKeyHere",  
    "Issuer": "IronmanSoftware",
    "Audience": "PowerShellUniversal"
  },
  "UniversalDashboard": {
    "AssetsFolder": "%ProgramData%\\PowerShellUniversal\\Dashboard"
  },
  "ShowDevTools": false,
  "HideAdminConsole": false
}

Finally, you'll need to configure a Claim Issuance Policy for the Relying Party Trust. Create an Issuance Transform Rule that sends at least the Name and Name ID to Universal.

Follow the documentation for the Azure Active Directory configuration found on this .

After configuring ADFS or AAD, you can now provide the properties to Universal for the MetadataAddress and Wtrealm. Read about these settings on the our page.

When running your server, you should now be prompted for your credentials either via the Internet Explorer single-sign system or you will be forwarded to the WS-Fed login page.

Microsoft Document
Settings