Integrations · Identity & SSO

MFA where your identity lives.

Put the Mideye second factor inside your single sign-on, and every application behind it is covered at once. ADFS, Entra ID federation, SAML platforms, and Windows Hello for Business, with users staying in your directory.

  • One MFA step, all SSO apps
  • No directory changes
  • Native ADFS module

Step-by-step guides

Your identity platform, documented.

The ADFS module is Mideye's deepest identity integration, with guides for the most common federation topologies.

Microsoft ADFS

  • Mideye module as an additional authentication provider
  • Per-relying-party MFA policies
  • Covers Microsoft 365 for federated domains
ADFS module guide

ADFS topologies

  • RDS with Web Application Proxy
  • AWS Cognito federation
  • Federated domain trust with Assisted Login
ADFS with RDS and WAP

Windows Hello for Business

  • Mideye MFA during Windows Hello provisioning
  • Strong enrolment for passwordless rollouts
Windows Hello guide

SAML & access platforms

  • SAML 2.0 identity providers
  • CA SiteMinder
  • Cisco ISE
  • MFA step delegated over standard RADIUS
RADIUS reference

Coming soon

Entra ID external MFA and Keycloak, in beta.

Two identity integrations are in beta. We run both for our own logins today, and we are finishing the customer onboarding before general availability.

Microsoft Entra ID external MFABeta

  • Mideye as an Entra External Authentication Method (EAM)
  • Conditional Access sends the MFA step to Mideye
  • Runs in production for Mideye's own workforce today
Ask about early access

Keycloak with Mideye MFABeta

  • Mideye as an authenticator step in the Keycloak login flow
  • Touch-Accept push, SMS magic link, or hardware-token OTP
  • Optional Mideye Shield IP screening before the password prompt
Ask about early access

FAQ

Frequently asked questions.

How do I add MFA to Microsoft ADFS?

Install the Mideye ADFS module on your federation servers. It registers as an additional authentication provider, so any relying party can require a Mideye second factor: a Mideye+ push, an SMS one-time code, or a hardware-token OTP. Users and group policies stay in Active Directory.

Does Mideye work with Entra ID (Azure AD)?

Yes, in two ways. Today, federated domains authenticate through ADFS with the Mideye module, which covers Microsoft 365 and Azure sign-ins for federated users. A direct Entra ID integration, where Mideye acts as an External Authentication Method for Conditional Access, is in beta.

Can I use Mideye with a SAML or OIDC identity provider?

Any identity provider that can delegate authentication over RADIUS can use Mideye as its MFA step. This covers SAML 2.0 platforms, CA SiteMinder, Cisco ISE, and similar products. A Keycloak integration with a native Mideye authenticator step is in beta.

One MFA step for everything behind SSO.

Tell us which identity platform you run, and we will map the integration with your team.