Active Directory On-Premises Integration and SSO for Zero Trust Secure Access

Integrate with Active Directory (on-premises) to authenticate access attempts and take action on risky account activity.

Active Directory (on-premises) integration requires the use of a Service Gateway, third-party integration settings, and SSO.


You cannot configure single sign-on (SSO) from multiple IAMs. Ensure that you configure the necessary permissions and SSO on the IAM you want to use for Private Access and Internet Access authentication.

  1. Prepare a VMware ESXi or Microsoft Hyper-V Service Gateway appliance that connects to your on-premises Active Directory server.
  2. Connect your Service Gateway by configuring Third-Party Integration > Active Directory (on-premises).
  3. Go to Zero Trust Secure Access > Secure Access Configuration > Identity and Access Management.
  4. Click Active Directory (on-premises) using ADFS authentication.
  5. In the IAM System Settings panel, toggle On the Policy enforcement permission control.
  6. Configure your Active Directory ADFS SSO settings.