SmarterWX allows you to use your Active Directory Federation Server (ADFS) for authenticating and authorising your users. This topic describes the configuration required on the ADFS side of things. Details of setting up integration between SmarterWX and a SAML 2.0 identity provider can be found in the Using Third-Party Authentication Providers help topic.

The screenshots and details here are for ADFS 2.0. There are very limited differences for working with ADFS 3.0. This is provided for convenience only – it is expected that you are familiar with configuring ADFS integration.

Step 1 – Copy the SmarterWX Metadata URL

From the “User Authentication” you can copy the URL for the metadata file to install on your ADFS server. Keep a copy of this URL for later.

Step 2 – Launch the ADFS Administration Tool

Step 3  – Add a new trust for SmarterWX

Step 4 – Enter the URL for the SmarterWX Metadata

Step 5 – Enter a Display Name (Anything will do)

Step 6 – Select the Issuance Authorization Rule

Step 7 – Click Next to Add Trust

Step 8 -Adding Claims Rules

Two claims rules need to be set to list the data to be returned and to map the NameID to an Email Address.

Step 9 – Add “Send LDAP Attributes as Claims” Rule

Step 10 – Add “Transform an Incoming Claim” Rule

 

The rules are now setup to correctly work with SmarterWX. Continue the configuration rules in SmarterWX.

Tagged: