In order to setup SSO (Single Sign On) between Samanage and your ADFS (Active Directory Federation Services) server the following configuration procedure should be followed:
Enter your Identify Provide URL. For ADFS see screenshot below, and make sure you have the correct certificate:
If you wish your users to always login via Active Directory SSO -
please check the box before 'Redirect to the saml login page when
logging into Samanage by default' (at the bottom of screenshot above).
In your ADFS server:
- Set relying party to samanage.com. The relying party's federation metadata url is: https://YOURACCOUTNAME.samanage.com/saml/metadata
- Define your endpoints: https://app.samanage.com/saml/YOURACCOUNTNAME and https://YOURACCOUNTNAME.samanage.com
- If you set the CNAME in Samanage, e.g. https://support.YOURACCOUNT.com also add this as an endpoint.
- Add a claims rule: We need to receive the request with NameID and the
NameID format should be email. So you need to set 'Outgoing claim type'
NameID and 'Outgoing name ID format'