3160867 - On-Premise: SAML-Configuration of Microsoft Active Directory Federation Services (ADFS)

 

If you are in our cloud, we would ask you to use the following article. 

We want to configure the SAML-integration in the On-Premise version (12.12.+) with our ADFS. Which instructions do we have to follow?

1. Add a new Relying Party Trust
2. Choose the option "Enter data about the relying party manually"
3. Choose the "AD FS profile"-option

4. Skip the certificate option

5. Activate the checkbox "Enable support for the SAML 2.0 SSO service URL" and type the following URL: https://<Ihre Server-URL>/api/v2/saml/v2/tenant/<Workspace ID>/login
   (Replace the placeholder <workspace ID> with the workspace ID of your tenant. You can find the workspace ID in the Process Manager Explorer > Help > Workspace information.)
6. Add the Server-URL from your configuration.xml as an identifier (Please note upper and lower case letters)
   Example: https://<Your Server-URL>/api/v2/saml/v2/tenant/<Workspace ID>/metadata

7. Create a new outgoing claim rule, which will send LDAP attributes as claims. For this purpose, map the following outgoing claim types to LDAP attributes:

   LDAP-Attribute	Outgoing Claim Type
   Given Name	first_name
   Surname	last_name
   E-Mail Addresses	email
   SAM-Account-Name	Name Id (from the drop-down menu)

8. Once the configuration on both sides has been completed, you can test the SSO via this URL:
   https://<Your Server-URL>/p/hub

KBA , BPI-SIG-CA-SEC-SAM , SAML 2.0 for SAP Signavio , How To

SAP Signavio Process Manager all versions ; Signavio Process Manager all versions