ADFS Integration

Customer IT / SpaceIQ Onboarding Team

 

SiQ supports integration with the ADFS (Active Directory Federation Services). This details how to configure the ADFS integration for SiQ.

Note: It is not possible to import (or pull) new users or profile updates from within SiQ. The information must be pushed from ADFS. 

Content

Prerequisites

  • You will need ADFS with administration privileges to complete this integration and for the SiQ setup, you must have a SiQ Admin or an IT role.

Set SSO Using SAML for SiQ

This section describes how to set up SSO using SAML (Security Assertion Markup Language) (SAML), so your users can use their ADFS credentials to sign in to SiQ app.

Note: For more information on ADFS, see their documentation.

Step 1. Find the ADFS Identity Provider (IdP) information

From the ADFS Console, complete the following:

  1. Sign in to ADFS application admin panel as an Administrator.
  2. Locate and copy the following:
    1. Copy Issuer URL and paste into Step 2's SAML Identify Provider Issuer field.
    2. Copy the X.509 certificate and paste it into Step 2's X.509 Certificate field.

Leave the admin panel open.

 

Step 2. Active the ADFS Integration in SiQ

From the SiQ Web App, complete the following:

  1. Click your Profile Name in the top right corner.
  2. Click Settings. The Settings screen displays.
  3. From the left menu, click Integrations.
  4. From the Third Party Integrations area, click the READ MORE link. The Integrations screen displays.

You can either search for ADFS in the Search field or navigate to the ADFS tile. To navigate complete the following:

  1. From the left menu, click Provisioning & SSO.
  2. For ADFS, click the Activate button.

The ADFS dialog displays and contains the SSO tab.

adfs1.png

Complete the following:

  1. In the SAML Identify Provider Issuer field, enter the URL from the ADFS application admin panel from Step 1.
  2. In the X.509 Certificate field, enter the certificate you downloaded from Step 1.

Step 3. Complete the SSO Configuration in ADFS

Complete the ADFS integration fields:

  1. Copy the SAML Assertion Consumer Endpoint and paste it into your ADFS SAML Assertion Consumer Endpoint field.
  2. Copy the SAML Relay Part Identifier and paste it into your ADFS Relay Party Identifier field.
  3. In the ADFS Portal URL field, paste in the Application Home URL from your ADFS application admin panel.
  4. Optional - In the SSO Redirect URL (SiQ Portal) field, paste the SSO URL from your ADFS application admin panel.
  5. In the Signature Method Algorithm field, paste the signature algorithm method (None, SHA1, SHA2, SHA512).
  6. In the Enable Just-in-Time Provisioning field, enter in either true or false
  7. Click the Activate button.