If your company already uses ADFS, you can connect it to StatusHub to help keep your hub private. To protect your hub with ADFS, follow the steps below.
1. Go to your hub edit page.
2. Select the "Restricted Access" section and enable "restrict access using SAML 2.0".
3. Copy the "SSO URL" value and keep this tab open, as you will need it in a moment.
4. Navigate to ADFS settings and create a Relying Party Trust.
5. Select "Claims aware".
6. Select "Enter data about the relying party manually".
7. Set a name.
8. Skip the token encryption certificate setting.
9. Enable support for SAML 2.0 and paste in the "SSO URL" from StatusHub as the "Relying party SAML 2.0 SSO service URL".
10. Use the "SSO URL" for the "Relying party trust identifier" and add it.
11. Follow through the rest of the wizard steps.
12. Now you need to set up claims to pass the user's email to StatusHub.
13. Use "Edit Claim Issuance Policy" for the newly created Relying Party Trust.
14. Add a rule.
15. Use "Send LDAP Attributes as Claims".
16. Set a name for the rule, then set "E-Mail-Address" as the "LDAP Attribute" and "Name ID" as the "Outgoing Claim Type".
17. Finish creating the claim.
18. Make sure that all your relevant users have the E-Mail address field filled in in Active Directory.
19. In the ADFS Console, navigate to "Service" -> "Endpoints" and search for "Federation Metadata" in the "Metadata" section.
20. Use this link to obtain the metadata XML. If your ADFS installation is configured as sts.example.com, then the URL will be https://sts.example.com/FederationMetadata/2007-06/FederationMetadata.xml
21. Copy the content of this metadata and navigate to the StatusHub tab with the hub edit screen.
22. Paste the metadata XML into the "SAML 2.0 IdP metadata in XML format" field.
23. Save changes.
From this moment anyone who would like to view your hub will have to be authorised by your ADFS installation.
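
The ADFS side of the steps above can also be scripted and checked from PowerShell on the ADFS server. This is an added example, not StatusHub's own tooling; the SSO URL is a placeholder, and the trust name, the POST binding and the "Permit everyone" access control policy (ADFS 2016 or later) are assumptions standing in for the wizard choices the steps do not spell out.

```powershell
# Added example: scripted equivalent of the ADFS wizard steps, plus checks.
Import-Module ADFS
Import-Module ActiveDirectory

# Placeholder: paste the "SSO URL" value copied from the StatusHub hub edit page.
$ssoUrl  = 'https://REPLACE-WITH-SSO-URL-FROM-STATUSHUB'
$rpName  = 'StatusHub'         # assumed display name; any name works
$stsHost = 'sts.example.com'   # ADFS host name used in the article's example

# "Send LDAP Attributes as Claims": e-mail (LDAP attribute mail) issued as Name ID.
$rules = @'
@RuleName = "Send e-mail as Name ID"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory",
          types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"),
          query = ";mail;{0}", param = c.Value);
'@

# Relying Party Trust: the SSO URL is both the SAML endpoint and the identifier.
# No encryption certificate is set, matching the "skip" step.
$acs = New-AdfsSamlEndpoint -Binding 'POST' -Protocol 'SAMLAssertionConsumer' -Uri $ssoUrl
Add-AdfsRelyingPartyTrust -Name $rpName -Identifier $ssoUrl -SamlEndpoint $acs `
    -IssuanceTransformRules $rules `
    -AccessControlPolicyName 'Permit everyone'   # assumption; pick a stricter policy if needed

# Review what was created before pasting metadata into StatusHub.
Get-AdfsRelyingPartyTrust -Name $rpName |
    Select-Object Name, Enabled, Identifier, EncryptionCertificate, IssuanceTransformRules |
    Format-List

# Enabled users with an empty mail attribute get no Name ID and cannot sign in to the hub.
$filter = '(&(objectCategory=person)(objectClass=user)(!(mail=*))' +
          '(!(userAccountControl:1.2.840.113556.1.4.803:=2)))'
$noMail = @(Get-ADUser -LDAPFilter $filter)
$noMail | Select-Object SamAccountName, DistinguishedName
Write-Host "$($noMail.Count) enabled user(s) have no e-mail address set"

# Save the federation metadata XML to paste into the StatusHub
# "SAML 2.0 IdP metadata in XML format" field.
Invoke-WebRequest -Uri "https://$stsHost/FederationMetadata/2007-06/FederationMetadata.xml" `
    -OutFile .\FederationMetadata.xml -UseBasicParsing
```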