AD FS plays a pivotal role in M365 ecosystem, acting as the linchpin for seamless and secure single sign-on experiences. Validating AD FS certificates is crucial to maintaining a secure and reliable authentication infrastructure within M365. This can be achieved by implementing an on-host integration for the New Relic infrastructure agent, which runs on the same server that hosts the AD FS role. The integration provides configuration files and scripts to monitor certificate expirations and metadata exchange documents. By setting up alert conditions using NRQL queries, organizations can receive notifications when a certificate is about to expire or when the metadata exchange document becomes unavailable, allowing them to take proactive measures to ensure the reliability and security of their AD FS implementation.