Home » Identity and Access Management: CAF » CAF Support » FIM Tools

FIM Tools

Shibboleth v4 Upgrade Guidance

Regardless of the platform you use, keeping current on your Identity Provider (IdP) software is a vital factor in your organization’s security practices. This guidance highlights upcoming end-of-support in December 2020 for Shibboleth IdPs older than v4.0.1 and aims to … Read More


The ADFSToolkit functionality has been added to the CAF Federated Identity Management (FIM) service. The ADFSToolkit is a set of tools to augment existing ADFS Identity Provider installations and allows an existing ADFS Identity Provider to have an additional option for participation in FIM.

CANARIE has published the ADFSToolkit module in the Microsoft PowerShellGallery.

The key items enabled by the ADFSToolkit are:

  • Retrieval and signature verification of the CAF FIM service trust records
  • Ingestion of the entities into ADFS using the one-at-a-time trust relationship paradigm
  • Automatic setting of attribute release policies for entity categories
  • Site-specific additions of attribute releases on a per service basis
  • Ability to keep current with the CAF FIM service trust records on an hourly basis by setting a scheduled job
  • Ability to better diagnose problems

ADFSToolkit Installation Guide

Using SAML Proxying in the Shibboleth IdP to Connect with Azure AD

You may find this solution here. It is a CANARIE contribution back to the international community.

The most current version of this technical guide is located on the Shibboleth Wiki located here. The French version will be updated regularly on our website.