Has anyone done ColdFusion SAML configuration with ADFS? I have a few questions regarding the CF and ADFS setup.
I have a new CF2021 and ADFS, both inside Hyper-V. The ADFS server DNS is https://myadfs.com, and the CF site is https://mycfapplication.com.
I have successfully created ADFS and linked it to AD. The question is: should I be able to call the https://myadfs.com/adfs/ls/idpinitiatedsignon.aspx page from the CF server, or is it only accessible on the ADFS server? Also, do we need to open any port so both servers can communicate? Any help will be appreciated.
Ezra Christensen
09/13/2022, 3:06 PM
For SAML, ADFS would be the Identity Provider (IdP) and ColdFusion would be the Service Provider (SP).
In the IdP-initiated situation, ADFS initiates the request and sends the user to the mycfapplication URL. If the application is initiating the request, there will be a different URL for CF to send the request to.
That all happens over HTTPS/443.
hpeter16
09/13/2022, 4:56 PM
Thanks, Ezra. Does this process involve any certificate? Do I have to add any certificate on the CF server from ADFS, or from ADFS to CF?
Right now when I do
<cfset response = ProcessSAMLResponse("ADFS-IP","ADFS-SP")>
<cfdump var = "#response#">
I am getting "The https://test.com/ is not a valid audience for this response".
Ezra Christensen
09/13/2022, 5:07 PM
ADFS should provide a URL for the IdP. That includes the public certificate on that side.
In CF, the SP generates a signing key. The IdP doesn't really care about that, but the SP Entity ID must be unique, and the request must originate from the ACS, set up in CF for the SP, and registered with AD as a valid SP.
Ezra Christensen
09/13/2022, 5:09 PM
The ACS for the SP must be an https URL, which will involve a certificate as well.
Ezra Christensen
09/13/2022, 8:55 PM
For spectators: ADFS does require a cert from the SP to be imported. It's a bit different than Azure.