Your Prolaborate site should have a valid SSL Certificate.
If you don’t have an SSL Certificate, you can create a self-signed certificate yourself. Please get in touch with the Prolaborate team to know more about it.
To configure the Service Provider, click on Menu > SAML Single Sign On.
Click Enable SSO at the top of the page that appears.
Under Service Provider Configuration, fill in the fields as follows:

| Field | Value |
|---|---|
| Name | The name will be prefilled |
| Assertion Consumer URL | Assertion Consumer URL will be prefilled |
| Certificate File | Choose the .pfx file of your SSL certificate |
| Certificate Password | Enter the password of the .pfx file |
The following sections describe the steps involved in setting up Prolaborate in ADFS.
Under the Signature section, click Add, choose the .cer file of your Prolaborate application SSL certificate, and then click OK.
Click the name of the created Relying Party Trust and select Edit Claim Issuance Policy under Actions.
1. Click Add Rule
2. Choose Send LDAP Attributes as Claims for Claim rule template and click Next
3. Enter Claim Rule name as Prolaborate ADFS SSO and choose Active Directory as attribute store.
4. Configure the claim types as below and click Finish:

| LDAP Attribute | Outgoing Claim Type |
|---|---|
| Token Groups – Unqualified Names | Group |

Note: The values mentioned below are reused from Azure AD claims. Use the claims mentioned below in the attribute mapping field while configuring Prolaborate.
Click Apply and OK.
Fill the Identity Provider Configuration as per the instructions below:
1. Fill out the Name field using the Entity ID URL from the ADFS Federation Metadata XML file. You can get the Metadata XML file using the link below.
https://[servername or hostname]/FederationMetadata/2007-06/FederationMetadata.xml
2. Replace [servername or hostname] with the ADFS server name and open this URL in the browser to download the ADFS Federation Metadata XML file.
3. The Sign In URL is based on the IDTokenIssuer value obtained from Windows PowerShell on the server.
4. Run the “Get-AdfsProperties” command in Windows PowerShell, get the value of IDTokenIssuer, and append /ls/idpinitiatedsignon to it to get the Sign In URL.
For example: http://adfs.prolaborate.com/adfs/services/trust
5. Fill the Sign Out URL field using the Single Logout Service URL from the ADFS Federation Metadata XML file.
6. Certificate File: Choose the .cer created using the Entity Description ID from the ADFS Federation Metadata XML file. Copy the Entity Description ID, paste it into Notepad, and save it as the IDPcertificate.cer file.
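
The values that steps 1, 5 and 6 take from the metadata file can also be read with PowerShell, which avoids copying the wrong certificate out of the XML by hand. This is an added example, not part of the Prolaborate documentation; the embedded metadata, the host name adfs.example.test and the certificate values are constructed placeholders.

```powershell
# Constructed sample standing in for FederationMetadata.xml; host name and
# certificate values are placeholders. For a real file use:
#   [xml]$md = Get-Content -Raw .\FederationMetadata.xml
[xml]$md = @'
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="http://adfs.example.test/adfs/services/trust">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>RU5DUllQVElPTi1QTEFDRUhPTERFUg==</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></KeyDescriptor>
    <KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>U0lHTklORy1QTEFDRUhPTERFUg==</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></KeyDescriptor>
    <SingleLogoutService Location="https://adfs.example.test/adfs/ls/"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
  </IDPSSODescriptor>
</EntityDescriptor>
'@

$ns = New-Object System.Xml.XmlNamespaceManager($md.NameTable)
$ns.AddNamespace('md', 'urn:oasis:names:tc:SAML:2.0:metadata')
$ns.AddNamespace('ds', 'http://www.w3.org/2000/09/xmldsig#')
$idp = '/md:EntityDescriptor/md:IDPSSODescriptor'

# Name field (Entity ID) and Sign Out URL (Single Logout Service)
$entityId = $md.DocumentElement.GetAttribute('entityID')
$signOut  = $md.SelectSingleNode("$idp/md:SingleLogoutService", $ns).GetAttribute('Location')

# Take only the IdP *signing* key(s): the file also carries encryption keys and,
# in real ADFS metadata, a certificate inside the document's own ds:Signature.
$certs = @($md.SelectNodes("$idp/md:KeyDescriptor[@use='signing']//ds:X509Certificate", $ns))
if ($certs.Count -eq 0) { throw 'No IdP signing certificate found in metadata' }

$n = 0
foreach ($c in $certs) {
    $b64  = $c.InnerText -replace '\s', ''
    $der  = [Convert]::FromBase64String($b64)     # throws if the value is damaged
    $sha1 = [BitConverter]::ToString(
        [Security.Cryptography.SHA1]::Create().ComputeHash($der)) -replace '-', ''
    $file = if ($n -eq 0) { 'IDPcertificate.cer' } else { "IDPcertificate-$n.cer" }
    Set-Content -Path $file -Value $b64 -Encoding Ascii
    # Compare with Thumbprint from: Get-AdfsCertificate -CertificateType Token-Signing
    "{0}  SHA1={1}" -f $file, $sha1
    $n++
}
"Name (Entity ID): $entityId"
"Sign Out URL:     $signOut"
```

If more than one signing certificate is listed, each is written to its own file so the thumbprints can be checked before one is uploaded.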
Once details are filled out, select the required Access Control Profile from the dropdown menu.
When all the values have been entered into the appropriate fields, the SAML configuration form will resemble the reference image shown below.
Once the configuration is complete, users will notice a new Login with SSO button on the login page.
When clicking on it, users will be redirected to a URL as per the configuration. They can then enter their ADFS credentials to log in to Prolaborate.
Note: The Repositories you see will be based on Default Access Control Profile.
When a user logs out from Prolaborate, the user will be logged out from all applications signed in using their SSO credentials.