# SSO For ADFS ### Setting up Single Sign-On using Active Directory with ADFS and SAML 2.0 #### Step 1 – Adding a Relying Party Trust To set up the ADFS connection with AutoRABIT using a Relying Party Trust (RPT), follow the below steps: 1. Login to the **ADFS Server**. 2. Launch the **ADFS Management Console**. 3. Click on **“Add Relying Party Trust…”** from the **Actions** sidebar on the right.

4. On the **Select Data Source** screen, select the last option: **Enter data about the relying party manually.**

5. On the next screen, enter a **Display name** that you will recognize in the future.

6. On the next screen, select **AD FS profile**.

7. On the next screen, leave the defaults.

8. On the next screen, check the box labeled: **Enable support for the SAML 2.0 WebSSO protocol**. 9. Enter the service URL. **For ex-** *pg.autorabit.com/saml/SSO*

10. Click **Next**. 11. On the next screen, add a Relying party trust identifier named **** and click **Add**. 12. On the next screen, leave the defaults.

13. On the next screen, select: **Permit all users to access this relying party**.

14. On the next screens, the wizard will display an overview of your settings. Click **Next**.

15. On the final screen use the **Close** button to exit and open the Claim Rules editor.

#### Step 2 – Creating Claim Rules Once the Relying Party Trust exists, you can create the claim rules and update the Relying Party Trust with minor changes that are not set by the wizard. 1. By default, the Claim Rules editor opens once you created the trust. 2. To create a new rule, click on **Add Rule**.

3. Select: **Send LDAP Attributes as Claims rule**.

4. On the next screen, using **Active Directory** as your attribute store, do the following: * From the LDAP Attribute column, select **E-Mail Addresses**. * From the Outgoing Claim Type, select **E-Mail Address**.

5. Click **OK** to save the new rule. 6. Create another new rule by clicking **Add Rule**.

7. Select: **Transform an Incoming Claim as the template**.

8. On the next screen: * Select **E-mail Address** as the Incoming Claim Type. * For Outgoing Claim Type, select **Name ID**. * For Outgoing Name ID Format, select **Email**. * Leave the rule to the default of **Pass through all claim values**.

9. Finally, click **OK** to create the claim rule, and then **OK** again to finish creating rules.

10. Under **ADFS Management Console**, navigate to **Services > Endpoints** and find the URL to download the metadata XML file. See the screenshot attached.

#### Step 3: Configuring SSO in AutoRABIT Now that your ADFS SSO implementation is set up, you’ll need to follow just a few more steps to configure SSO in your AutoRABIT account. 1. Log in to your AutoRABIT account. 2. Hover your mouse over the **Admin** module and select the option: **My Account** 3. On the **My Account** page, go to the **SSO Configuration** section. 4. Browse for the metadata XML file that you have downloaded previously in your local machine and upload them.

5. Sign out from your AutoRABIT account. 6. Go to the AutoRABIT login page. This time you need to login via SSO, so, therefore, click on the option: **Single Sign On.**

7. Enter the domain name and click on **Go**. 8. Next, you will be redirected to your custom domain URL where you need to enter the **username** and **password** to access the AutoRABIT. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://knowledgebase.autorabit.com/product-guides/arm/integration-and-plugins/sso/sso-for-adfs.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.