This guide will show you how to properly set up the Active Directory Federation Services (ADFS) for Single Sign-on when installing Agenda Management.
If you require assistance with the installation of the ADFS despite it not being part of your implementation process, we ask that you contact firstname.lastname@example.org.
You have to make sure that the webserver can contact your ADFS server. For SaaS customers your ADFS has to be able to connect to the internet.
Please consult Microsofts guide for installing an ADFS proxy. You should NEVER allow for an ADFS server to be completely open for internet access.
You have to add Agenda Management as a Relying Party Trust in your ADFS by adding the address of your Agenda Management installation. This address should look something like this: https://example.com/FederationMetadata/, wherein example.com is replaced by the specific address of your Agenda Management installation.
Your trust should be created in such a way that it utilizes the following claims:
- Group SID
This can look like the screen presented below but be aware that this may vary from system to system.
When the aforementioned tasks have been completed and we have recieved the URL of your Metadata, the actual installation will commence and you can start using the ADFS.