SafeTitan supports the OIDC federation protocol for SSO integration with ADFS 2016 (NOTE: earlier versions of ADFS do not support OpenID Connect). The configuration steps for setting up this integration are listed below. They fall into 2 steps:
- Register Application in your ADFS management portal.
- Update Authentication Settings in your SafeTitan portal.
Register Application in ADFS Management portal
The first step is to register the SafeTitan application within the ADFS management console. This generates an application ID and allows your application to receive security tokens. When the SafeTitan application presents the generated application ID during the authentication flow, ADFS recognizes the application as trusted and provides the authenticated security token to SafeTitan so that it can proceed with login. The steps involved in registering the application are listed below:
- Navigate to the ADFS management console.
- Right click on Application Groups and select Add Application Group.
- In the wizard that appears, provide a name for the application and under Client-Server Applications select Web browser accessing a web application and click next.
- In the next step make note of the Client ID. This will be needed when configuring the application on the SafeTitan portal.
- Click next and review the settings on the summary page, click next and complete.
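To confirm the registration afterwards and retrieve the Client ID again, the application group can be read back with the AD FS PowerShell module. This is an added example, not part of the original SafeTitan instructions; the group name SafeTitan is an assumed value, so use the name you entered in the wizard.

```powershell
# Added example: read back the application group created in the wizard above.
# Run in an elevated PowerShell session on an AD FS 2016 (or later) server.
Import-Module ADFS

# Assumption: the name typed into the Add Application Group wizard.
$GroupName = 'SafeTitan'

# OpenID Connect needs AD FS 2016, which is farm behavior level 3 or higher.
$level = (Get-AdfsFarmInformation).CurrentFarmBehavior
if ($level -lt 3) {
    throw "Farm behavior level is $level; OpenID Connect requires 3 (AD FS 2016) or higher."
}

$group = Get-AdfsApplicationGroup -Name $GroupName
if (-not $group) {
    throw "No application group named '$GroupName' was found."
}

# The 'Web browser accessing a web application' template registers the browser
# client as a native (public) client application. Its Identifier is the Client ID
# that the SafeTitan portal needs.
$clients = @(Get-AdfsNativeClientApplication -ApplicationGroupIdentifier $group.ApplicationGroupIdentifier)
if ($clients.Count -eq 0) {
    throw "Application group '$GroupName' contains no native client application."
}

foreach ($client in $clients) {
    # Collect any redirect URI that is not HTTPS so it can be reviewed.
    $nonHttps = @($client.RedirectUri | Where-Object { $_ -notmatch '^https://' })

    [pscustomobject]@{
        Name             = $client.Name
        ClientId         = $client.Identifier
        Enabled          = $client.Enabled
        RedirectUri      = ($client.RedirectUri -join ', ')
        NonHttpsRedirect = ($nonHttps.Count -gt 0)
    }
}
```

Tokens are only returned to the redirect URIs listed in the output, so review any entry you do not recognize or that is flagged as non-HTTPS before entering the Client ID in the SafeTitan portal.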
Configuration on SafeTitan
The last step is to add the minimal configuration needed to your SafeTitan portal.
- Log in to your SafeTitan portal as an administrative user.
- From the menu on the left, select Configuration and then Authentication Settings.
- From the Authentication Type drop-down, select OpenID.
- For each of the fields, provide the values:
- Click Save
This concludes the setup. Please note that it may take one day for the changes to take effect.