This article is a supplement to our main article on SSO (please read that first for context).
Step 1: Provide Skedda with your Entity ID, Certificate Public Key, and Login URL
In your Server Manager, choose AD FS Management:
Choose "Edit Federation Service Properties..."
Copy the Federation Service identifier information and input this in Skedda as your Identity Provider Entity ID.
Get your Base64-encoded certificate key:
Use a text-editor to copy the Base64 text of the certificate and paste this into Skedda as your Identity Provider Certificate Public Key.
Grab the URL path of your login endpoint which you'll provide as the Identity Provider Login URL in Skedda:
Step 2: Add a Relying Party Trust for Skedda
Add a new Relying Party Trust for Skedda:
The trust should be a Claims-aware trust:
Choose the option to enter data about the relying party manually:
Type "Skedda" as the display name:
In the "Configure Certificate" step, just click next (Skedda expects signed assertions without encryption at this level):
Enter the Skedda ACS URL in the "Configure URL" step:
Use the Skedda Entity ID for the "Relying party trust identifier" and make sure you click "Add":
Configure the Access Control Policy according to your needs (e.g. permit everyone):
Review your settings and click "Next":
Finish the wizard and check the option to configure claims:
Step 3: Set up the required attribute claims
Choose to "Edit Claims Issuance Policy..." for your new Skedda app:
Choose "Send LDAP Attributes as Claims" and click Next:
Map the attributes as shown below:
Step 4: Setup complete!
Feel free to reach out to our support team if you have any questions on setting up SSO with ADFS!
If you're having trouble getting SSO to work after setting it up, take a look at our SSO Troubleshooting article!