To establish a trusted relationship with the ADFS server, you need to set up the ADFS server as a service provider. The trusted relationship allows the service provider to trust Identity Server for user authentication credentials.
Click Devices > Identity Servers > Edit > WS Federation > New > Service Provider.
Specify the following details:
Field | Description |
---|---|
Name | Specify a name that identifies the service provider, such as TreyResearch. |
Provider ID | Specify the provider ID of the ADFS server. The default value is urn:federation:treyresearch. |
Sign-on URL | Specify the URL that the user is redirected to after login. The default value is https://adfsresource.treyresearch.net/adfs/ls/. |
Logout URL | (Optional) Specify the URL that the user can use for logging out. The default value is https://adfsresource.treyresearch.net/adfs/ls. |
Service Provider | Specify the path to the signing certificate of the ADFS server. |
Click Next, confirm the certificate, and click Finish.
For more information, see Using Identity Server as an Identity Provider for ADFS.
NOTE: Use this configuration only in a test environment and not in a production environment.
Click Devices > Identity Servers > Edit > WS Federation > New > Service Provider.
Specify the following details:
Field | Description |
---|---|
Name | Specify a name that identifies the service provider. |
Provider ID | https://240onbox.nam.example.com:8443/nidp/wsfed/. |
Sign-on URL | https://240onbox.nam.example.com:8443/nidp/wsfed/ep. |
Logout URL | https://240onbox.nam.example.com:8443/nidp/wsfed/loreply |
Upload the test-signing certificate.
(Dashboard > Certificates > test-signing > Export Public Certificate > DER File > test-signing.)
Click Next, confirm the certificate, and click Finish.
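Both procedures above end with uploading a signing certificate and confirming it. The following added example (not part of the original documentation or the product) computes a fingerprint of a DER or PEM certificate file so it can be compared with a value obtained out of band from the certificate's owner before you click Finish. The function names are hypothetical and the sample bytes are constructed stand-ins, not a real certificate.

```python
import base64
import hashlib
import re

PEM_RE = re.compile(
    rb"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)


def to_der(data: bytes) -> bytes:
    """Return DER bytes from a DER or PEM encoded certificate file."""
    m = PEM_RE.search(data)
    if m:
        return base64.b64decode(b"".join(m.group(1).split()), validate=True)
    return data


def check_der_envelope(der: bytes) -> None:
    """Reject input that is not exactly one DER SEQUENCE (truncated or padded)."""
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("not a DER SEQUENCE; wrong file or wrong encoding")
    first = der[1]
    if first < 0x80:                      # short form: length fits in one byte
        header, body = 2, first
    else:                                 # long form: next n bytes hold the length
        n = first & 0x7F
        if n == 0 or n > 4 or len(der) < 2 + n:
            raise ValueError("unsupported or truncated DER length")
        header, body = 2 + n, int.from_bytes(der[2:2 + n], "big")
    if header + body != len(der):
        raise ValueError("length mismatch: file is truncated or has trailing data")


def fingerprint(data: bytes, algo: str = "sha256") -> str:
    """Colon-separated upper-case hex fingerprint of the certificate's DER bytes."""
    der = to_der(data)
    check_der_envelope(der)
    digest = hashlib.new(algo, der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


# Constructed stand-in bytes with a valid DER envelope (not a real certificate).
SAMPLE_DER = b"\x30\x82\x01\x00" + bytes(range(256))
SAMPLE_PEM = (b"-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER)
              + b"-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    print(fingerprint(SAMPLE_DER))
    print(fingerprint(SAMPLE_PEM))
```

To use it on an exported file, pass the file's bytes to `fingerprint()`, for example `fingerprint(open("test-signing", "rb").read())`.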