Skip Navigation

Domain authentication command values

Value
Description
DomainName
"www.example.com"
Authentication
Federated
IssuerUri
"https://idp.blackberry.com-123456"
FederationBrandName
"Example.com Enterprise ID"
PassiveSignInUri
"https://idp.blackberry.com/1234565/idp/profile/SAML2/POST/SSO/https%3A%2F%2Fidp.blackberry.com-123456"
SignOutUri
https://idp.blackberry.com/123456/idp/profile/SAML2/Redirect/SLO/https%3A%2F%2Fidp.blackberry.com-123456"
ActiveSignInUri
"https://idp.blackberry.com/123456/idp/profile/SAML2/SOAP/ECP/https%3A%2F%2Fidp.blackberry.com-123456"
PreferredAuthenticationMethod
"SAMLP"
FederatedIdpMfaBehavior
Select one of the following. If FederatedIdpMfaBehavior is not set, the default value is set to acceptIfMfaDoneByFederatedIdp.
  • acceptIfMfaDoneByFederatedIdp
  • enforceMfaByFederatedIdp
  • rejectMfaByFederatedIdp
For more information, see the Microsoft reference internalDomainFederation resource type.