Configuring SAML authentication for Microsoft AD FS in Applications Manager

Follow the steps given below to configure SAML authentication for Azure ADFS in Applications Manager:

The first part of this process includes configuring AD FS. If you want to do this manually, start following from Step 4.

1. Open the AD FS management console and click on Add Relying Party Trust to open the wizard.



2. Now, go to Applications Manager and navigate to Settings -> User Management -> SAML Authentication. Download the Service Provider metadata and SP Certificate files from the links provided in the SP certificate file and SP metadata file fields, and copy the values of the Entity ID and Assertion Consumer URL fields.



3. Switch to the AD FS window, click Start and choose the Import data about the relying party from a file option. Upload the metadata file. Click on Next.

After the above steps, you can skip to step 7 in the Configuring AD FS manually section.

Configuring AD FS manually:

1. Log in to AD FS management and select Add Relying Party Trust.

2. Click Start and choose the Enter data about the relying party manually option. Click on Next.



3. Go to Choose Profile and select AD FS profile. Click Next.



4. Choose the Enable support for SAML 2.0 WebSSO protocol option and enter the service provider URL. Click on Next.



5. Open Applications Manager and copy the Entity ID. Go to Configure Identifiers in the Microsoft AD FS profile and paste the Entity ID in the Relying party trust identifier field.



6. Choose the I do not want to configure multi-factor authentication settings for this relying party trust at this time option. Click Next.



7. Select the Permit all users to access this relying party option. Click Next.



8. When the next window opens, click Next.



9. Check the Open the Edit Claim Rules dialog for this relying party trust when the wizard closes option and click on Close.



10. Click on Add Rule. In the drop-down list under the Claim rule template, choose Transform an Incoming Claim and click Next.





11. Enter an appropriate Claim rule name. Choose Windows account name as Incoming claim type. Select Name ID as Outgoing claim type. Choose Transient Identifier as Outgoing name ID format. Select Pass through all claim values. Click on Finish.



12. Click on Apply and then select OK.

13. The next step is to download the Federation Metadata XML file from AD FS. You can download the XML by appending FederationMetadata/2007-06/FederationMetadata.xml to the root URL of the AD FS server.

14. Open Applications Manager and navigate to Settings -> User Management -> SAML Authentication. Here, select the IdP as AD FS and choose the Name ID as Username. Adjacent to Configuration by uploading, choose Metadata and upload the Metadata XML file.

  
Once the configurations are done on both sides, SAML authentication via AD FS will be enabled in Applications Manager.
You will now be able to log in to Applications Manager using your Microsoft AD FS account from the login page.