SAML 2.0 Configuration using ADFS SSO

Set Up an ADFS SAML Connection

Create a custom SAML connection to Microsoft's Active Directory Federation Services (ADFS) to get more flexibility when configuring your mappings.

Instructions

To create the custom connection, you will need to:

  1. Configure ADFS.

  2. Create a SAML connection where Auth0 acts as the service provider.

  3. Edit the Relying Party Trust in ADFS.

  4. Enable and test your integration.

The following sections will guide you through this process.

Prerequisite Steps to Carry Out in ADFS 4.0

  1. Navigate to Start >> All Programs >> Administrative Tools, and open ADFS 4.0 Management.

  2. The first step is to add a trust relationship in ADFS 4.0 that carries the Hyper Cloud SAML details. Under Trust Relationships, right-click Relying Party Trusts and select Add Relying Party Trust from the drop-down menu. A wizard window opens, as shown in the image below:

  3. Click Start and proceed to the next step, Select Data Source. Here, choose the second option, Import data about the relying party from a file. Click Browse, import the metadata file downloaded earlier from the HyperCloud Portal, and click Next.

  4. In this step, set a display name for the relying party (for example, HyperCloud) and click Next.

  5. Choose Access Control Policy: Here, select the first option Permit everyone and proceed.

  6. Skip the Ready to Add Trust step and then click Close.

  7. HyperCloud is now displayed in the Relying Party Trusts list. Right-click it and select Properties from the drop-down menu, as shown below.

  8. In the dialog box that opens, switch to the Advanced tab and specify SHA-1 as the secure hash algorithm. Apply the changes and close the window.

  9. Right-click HyperCloud again and this time select Edit Claim Issuance Policy.

  10. In the dialog box that opens, click Add Rule under Issuance Transform Rules.

  11. Set Transform an Incoming Claim as the claim rule template and click Next.

  12. Under Configure Claim Rule,

  • Enter NameID as the claim rule name.

  • Set Windows account name as the incoming claim type.

  • Set Name ID as the outgoing claim type.

  • Select Transient Identifier for outgoing name ID format.

  • Click Finish.

  • Click Apply to save changes and close the Edit Claim Rules window.
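The wizard steps above can also be scripted on the ADFS server, which makes the resulting trust reviewable and repeatable. The following is an added example, not code from the HyperCloud product or from Microsoft; it assumes an elevated PowerShell session on the ADFS 4.0 server, that the service-provider metadata downloaded from the HyperCloud Portal was saved to the hypothetical path in $SpMetadataFile, and that the display name HyperCloud from step 4 is used. The claim rule text is the rule the "Transform an Incoming Claim" template produces for the mapping in step 12 (Windows account name to a transient Name ID).

```powershell
# Added example (not HyperCloud's or Microsoft's code): scripted equivalent of the
# ADFS 4.0 wizard steps above. Run in an elevated PowerShell session on the ADFS server.
# Assumptions: the SP metadata downloaded from the HyperCloud Portal was saved to
# $SpMetadataFile (hypothetical path); the display name "HyperCloud" matches step 4.
$SpMetadataFile = 'C:\Temp\hypercloud-sp-metadata.xml'   # hypothetical path
$RpName         = 'HyperCloud'

# Claim rule language emitted by the "Transform an Incoming Claim" template for
# Windows account name -> Name ID with the transient format (step 12).
$NameIdRule = @'
@RuleTemplate = "MapClaims"
@RuleName = "NameID"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname"]
 => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, ValueType = c.ValueType, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient");
'@

# Steps 2-6: import the relying party trust from the SP metadata file and attach
# the built-in "Permit everyone" access control policy.
Add-AdfsRelyingPartyTrust -Name $RpName `
    -MetadataFile $SpMetadataFile `
    -AccessControlPolicyName 'Permit everyone'

# Step 8: secure hash algorithm. ADFS defaults to RSA-SHA256; the page's step selects
# SHA-1, which is only required when the service provider cannot validate SHA-256
# signatures. Swap $Sha1 for $Sha256 below if the SP accepts it.
$Sha1   = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'
$Sha256 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
Set-AdfsRelyingPartyTrust -TargetName $RpName -SignatureAlgorithm $Sha1

# Steps 9-12: issuance transform rule that produces the transient Name ID.
Set-AdfsRelyingPartyTrust -TargetName $RpName -IssuanceTransformRules $NameIdRule

# Review what ADFS now holds for the trust: identifier (the SP entityID taken from the
# metadata), signature algorithm, access control policy and the rule text.
Get-AdfsRelyingPartyTrust -Name $RpName |
    Select-Object Name, Identifier, SignatureAlgorithm, AccessControlPolicyName, IssuanceTransformRules |
    Format-List
```

The final Get-AdfsRelyingPartyTrust call is the check worth keeping: the Identifier it prints must equal the entityID in the HyperCloud SP metadata, and the IssuanceTransformRules text shows exactly which incoming claim ends up as the Name ID sent to the portal.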

Providing ADFS 4.0 Details in Hyper Cloud Portal to Enable SSO Services 

  1. Open the Hyper Cloud URL again and navigate to the Administration >> Users >> Identity Provider page for SAML SSO configuration.

  2. Upload or paste the IdP metadata XML content on the SAML page.

  3. The XML file can be downloaded from the ADFS console. In the console's left navigation pane, click Endpoints and scroll down to the Metadata list. Locate the URL path provided for the Federation Metadata type in this list and open the URL in a new browser tab to download the metadata XML file.

  4. The ADFS SSO service is now configured for the Hyper Cloud Portal. Click the Active tab to enable the SAML SSO service. Log out and log back in to the Hyper Cloud Portal to test the configuration.
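Before uploading the federation metadata from step 3, it is worth checking the values the portal will depend on: the IdP entityID, the single sign-on endpoints and, above all, the token-signing certificate, since the portal validates assertion signatures against it and SSO stops working when that certificate rolls over without a metadata re-upload. The script below is an added example, not HyperCloud's or Microsoft's code; it assumes $AdfsHost is the public name of the ADFS farm (a hypothetical value) and uses the standard ADFS federation metadata path.

```powershell
# Added example (not HyperCloud's or Microsoft's code): download the ADFS federation
# metadata referenced in step 3 and inspect the values the HyperCloud portal relies on.
# Assumption: $AdfsHost is the ADFS farm's public host name (hypothetical value).
$AdfsHost    = 'adfs.example.com'
$MetadataUrl = "https://$AdfsHost/FederationMetadata/2007-06/FederationMetadata.xml"
$OutFile     = Join-Path $env:TEMP 'adfs-federation-metadata.xml'

$resp = Invoke-WebRequest -Uri $MetadataUrl -UseBasicParsing
[xml]$md = $resp.Content
$md.Save($OutFile)   # this is the file to upload (or paste) on the portal's SAML page

$idp = $md.EntityDescriptor.IDPSSODescriptor

# 1. entityID: the issuer value the portal will expect in every assertion.
"entityID: {0}" -f $md.EntityDescriptor.entityID

# 2. Single sign-on endpoints the portal will redirect or POST to.
foreach ($sso in $idp.SingleSignOnService) {
    "SSO {0} -> {1}" -f ($sso.Binding -replace '.*:'), $sso.Location
}

# 3. Token-signing certificate(s): assertion signatures are verified against these,
#    so an expiring certificate means a scheduled metadata re-upload on the portal side.
$signing = @($idp.KeyDescriptor | Where-Object { $_.use -eq 'signing' })
foreach ($kd in $signing) {
    $raw  = [Convert]::FromBase64String($kd.KeyInfo.X509Data.X509Certificate)
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($raw)
    $daysLeft = [int]($cert.NotAfter - (Get-Date)).TotalDays
    "signing cert: {0} thumbprint={1} expires={2:yyyy-MM-dd} ({3} days left)" -f `
        $cert.Subject, $cert.Thumbprint, $cert.NotAfter, $daysLeft
    if ($daysLeft -lt 30) {
        Write-Warning "Token-signing certificate expires in $daysLeft days; plan the metadata re-upload."
    }
}

# 4. ADFS signs its federation metadata; a document without a Signature element was
#    tampered with or did not come from the ADFS endpoint.
if (-not $md.EntityDescriptor.Signature) {
    Write-Warning 'Federation metadata document carries no XML Signature.'
}
```

Two signing certificates appear in the output whenever ADFS automatic certificate rollover has already published the next token-signing certificate; in that case the portal needs the fresh metadata (both certificates) uploaded before the switch-over date, otherwise assertions signed with the new certificate will be rejected.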
