Adding Windows 10 Edge support for ADFS SSO

After implementing ADFS the other day, we noticed that users on Windows 10 weren’t seeing SSO via ADFS when using the edge browser.

As a default, ADFS looks for certain strings from the browser to identify what the user is using as well as which ones are supported.

Since Edge came out, the version of ADFS that ships with Server 2012 R2, the edge string isn’t included, only the following by default:

  • MSAuthHost/1.0/In-Domain
  • MSIE 6.0
  • MSIE 7.0
  • MSIE 8.0
  • MSIE 9.0
  • MSIE 10.0
  • Trident/7.0
  • MSIPC
  • Windows Rights Management Client

Some information on configuring intranet forms based authentication

The string we need to add is “Edge/12”

The easiest way to do this is with a simple bit of PowerShell:

$Props=Get-ADFSProperties | Select -ExpandProperty WIASupportedUserAgents
$Props=$Props+"Edge/12"
$Props
Set-ADFSProperties -WIASupportedUserAgents $Props
Restart-Service adfssrv

With this we read in the current browser strings into an array using Get-ADFSProperties

We then append the new string for the Edge browser (Edge/12)

Then we set the WIASupportedUserAgents properties and then finally restart the ADFS service

This will then allow users to benefit from SSO using the Edge browser.

Find this useful? There’s plenty more where that came from – head over to our learning hub!
Share on Facebook
Share on Twitter
Share on LinkedIn

Related blogs

two people at desk looking at code

AOVPN DPC V4.0 is Now Live!

Today we’re very excited to announce the release of AOVPN DPC 4.0 with support for Windows 11! AOVPN Dynamic Profile Configurator is now functional with