To set up a trust relationship, configure the ADFS server as an identity provider for Identity Server.
On the Home page, click Applications > Select a Cluster > New Application > WS Federation Identity Provider.
Specify the following details:
|
Field |
Description |
|---|---|
|
Name |
Specify a name that identifies the identity provider, such as Adatum. |
|
Provider ID |
Specify the federation service URI of the identity provider. For example, urn:federation:adatum. |
|
Sign-on URL |
Specify the login URL. For example, https://adfsaccount.adatum.com/adfs/ls/. |
|
Logout URL |
Specify the logout URL. For example, https://adfsresource.treyresearch.net/adfs/ls/ |
|
Signing Certificate |
Specify the path to the signing certificate of the ADFS server. |
Click Next, confirm the certificate and click Save.
For the authentication card, specify the following values:
|
Field |
Description |
|---|---|
|
Authentication |
Select an image, such as Customizable, or any other image. |
|
Card ID |
Leave this field blank. |
|
Card Name |
Specify a description. This is shown when a user hovers the mouse over the card. |
|
Show Card |
Select this option to display the card as a login option. |
Click Save.
For information about additional configuration steps required to use this identity provider, see Using the ADFS Server as an Identity Provider for an Access Manager Protected Resource.
NOTE:Use this configuration only in the test environment and not in the production environment.
On the Home page, click Applications > Select a Cluster > New Application > WS Federation Identity Provider.
Specify the following details:
|
Field |
Description |
|---|---|
|
Name |
Specify a name that identifies the identity provider. |
|
Provider ID |
https://240onbox.nam.example.com:8443/nidp/wsfed/ |
|
Sign-on URL |
https://240onbox.nam.example.com:8443/nidp/wsfed/ep. |
|
Logout URL |
https://240onbox.nam.example.com:8443/nidp/wsfed/loreply |
Upload the test-signing certificate of the trusted identity provider.
On the Home page, click Certificates > test-signing > Export Public Certificate > DER File > test-signing)
Click Next.
For the authentication card, specify the following values:
|
Field |
Description |
|---|---|
|
Authentication |
Select an image. |
|
Card ID |
Specify an alphanumeric value. This value is persistent. If you do not assign a value, Identity Server creates an internal value that keeps changing whenever you restart Identity Server. |
|
Card Name |
Specify a description to help a user understand the authentication method of the card. This description is displayed when the user hovers over the authentication card. |
|
Show Card |
Select this option to display the card as a login option. |
Click Save.