ADFS: using forms authentication and certificate authentication simultaneously

Raul Valdivieso 0 Reputation points
2023-06-13T23:28:54.76+00:00

Hello, how are you?

Within the ADFS service, is it possible to enable simultaneous authentication of the user with password and certificate?

When editing the authentication methods at Extranet level and enabling Forms Authentication and Certified Authentication, at the time of validating the login it only requests one or the other.

Greetings.

Active Directory
A set of directory-based technologies included in Windows Server.
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.

1 answer

  1. Limitless Technology 44,741 Reputation points
    2023-06-14T08:19:29.4933333+00:00

    Hello Raul,

    Thank you for your question and for reaching out with your question today.

    In Active Directory Federation Services (ADFS), it is not possible to enable simultaneous authentication of user credentials (username/password) and client certificates out of the box. ADFS supports multiple authentication methods, but it typically follows a fallback mechanism where it tries one authentication method and if it fails, it moves on to the next method.

    When you enable both Forms Authentication and Certificate Authentication in ADFS, it will prioritize one method over the other based on the configuration. For example, if Forms Authentication is listed before Certificate Authentication in the authentication methods configuration, it will prompt for username and password first and only fall back to certificate authentication if the user doesn't provide valid credentials. The order of the authentication methods can be modified to change the priority.

    To achieve simultaneous authentication of both username/password and client certificate, you would need to customize the ADFS authentication pipeline. This involves creating a custom authentication provider or using third-party solutions that offer this capability. Customization of the ADFS authentication pipeline is an advanced task and requires in-depth knowledge of ADFS and development skills.

    If you require simultaneous authentication of user credentials and client certificates, it is recommended to consult with an experienced ADFS specialist or consider using alternative solutions that provide this functionality out of the box.

    I used AI provided by ChatGPT to formulate part of this response. I have verified that the information is accurate before sharing it with you.

    If the reply was helpful, please don’t forget to upvote or accept as answer.

    Best regards.
