Microsoft ADFS
It is assumed that the ADFS server is up and running and can be reached from the end user's machine.
Create relying party trust
From the ADFS Management Console, select Trust Relationships > Relying Party Trusts.
Click on “Add Relying Party Trust” on the right.
Select “Claims aware”.
Import the metadata export from the SSO Gateway:
https://www.mfas.nl/sso/ibm/saml20/<customerid>/samlmetadata
In the above URI, the term “<customerid>” must match the customer’s unique ID, which is provided by the MFAS Portal administrator.
Create claim rules
After the import, add “Claim issuance Policy”.
Select rule template: Send LDAP Attributes as Claims.
Give it a name, for example “Select attribute from AD”.
Set LDAP Attribute to “E-Mail-Address” and Outgoing claim type to “E-Mail Address”.
Add another rule.
Select rule template: Transform an Incoming Claim.
Give it a name, for example “Transform Email to NameID”.
Set incoming claim type to “E-Mail Address”, outgoing claim type to “Name ID” and outgoing name ID format to “Email”.
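The relying party trust and the two claim rules configured above can also be created from PowerShell on the ADFS server, which leaves a reviewable record of exactly which claims are released. This is an added example, not part of the original guide: the trust display name and the “Permit everyone” access control policy are assumptions, and <customerid> remains a placeholder.

```powershell
# Added example: scripted equivalent of the console steps above.
# Run in an elevated PowerShell session on the primary ADFS server.
Import-Module ADFS

$customerId  = '<customerid>'        # placeholder: provided by the MFAS Portal administrator
$trustName   = 'MFAS SSO Gateway'    # assumption: display name chosen for this example
$metadataUrl = "https://www.mfas.nl/sso/ibm/saml20/$customerId/samlmetadata"

if ($customerId -match '[<>]') { throw 'Replace <customerid> with the real customer id first.' }
if (Get-AdfsRelyingPartyTrust -Name $trustName) { throw "Trust '$trustName' already exists." }

# Rule 1: read the mail attribute from AD and emit it as the E-Mail Address claim.
# Rule 2: re-issue that claim as Name ID with the Email format.
# No other attribute is released to the relying party.
$rules = @'
@RuleTemplate = "LdapClaims"
@RuleName = "Select attribute from AD"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory",
          types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"),
          query = ";mail;{0}", param = c.Value);

@RuleTemplate = "MapClaims"
@RuleName = "Transform Email to NameID"
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"]
 => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
          Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer,
          Value = c.Value, ValueType = c.ValueType,
          Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");
'@

# Add-AdfsRelyingPartyTrust creates a claims-aware trust from the imported metadata.
# Assumption: the built-in "Permit everyone" policy; substitute a stricter policy if required.
Add-AdfsRelyingPartyTrust -Name $trustName `
    -MetadataUrl $metadataUrl `
    -IssuanceTransformRules $rules `
    -AccessControlPolicyName 'Permit everyone'

# Review what was imported: identifiers come from the metadata, rules from above.
Get-AdfsRelyingPartyTrust -Name $trustName |
    Format-List Name, Identifier, Enabled, AccessControlPolicyName, IssuanceTransformRules
```

Compare the `Identifier` shown in the final output with the entity ID communicated by the MFAS Portal administrator before enabling the trust for users.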
Provide the metadata
After this configuration, provide the SAML metadata URL; for instance:
https://adfs.acuity.nl/federationmetadata/2007-06/federationmetadata.xml
Send the metadata URL to the MFAS Portal administrator.