I’m attempting to set up SSO via ADFS. The org is set up and I’ve downloaded the metadata and created the Relying Party Trust, but there’s no information on what I should use in the claim rules - email address -> username or username didn’t work.
Did you figure this out? Running into same issue.
Yes I got it working with ADFS. I did the following:
- Email as Name ID (LDAP Attributes)
- Email as ADFS 1.x Email Address (LDAP Attributes)
ADFS 1.x E-Mail address - Transform Claim:
* Incoming claim type: ADFS 1.x E-Mail address
* Outgoing claim type: Name ID
* Outgoing nameID Format: email
* Passthrough all claim types: selected
- If you have multiple orgs, set up SSO on all of them and a Relying Party Trust for each of them using the full login URL as an identifier: https://elastic.snaplogic.com/api/1/rest/admin/sso/login?org_path=org_name_here
- For one of your Relying Party Trusts, in my case my Dev org, I also added the root part of the login URL as an identifier: https://elastic.snaplogic.com/api/1/rest/admin/sso/login.
URL to trigger SSO login:
You must use the org you set up with the “root” login URL:
* Option 1 - Direct URL with ORG name
* Option 2 - Go to SnapLogic login page, click on “Log in via SSO”, type your Org name in the box and log in.
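
To check what claim rules like the ones in this thread actually put in the assertion, the following added example (not part of the original posts, and not SnapLogic or Microsoft code) inspects a base64 `SAMLResponse` for the Name ID format and the audience. It assumes the audience equals the Relying Party Trust identifier quoted above; the sample responses are constructed, and `check_assertion` and `build_sample` are hypothetical helper names.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"

def check_assertion(saml_response_b64, expected_audience):
    """Return a list of problems in a base64 SAMLResponse (empty list = looks right).
    Diagnostic only: it does not verify the XML signature."""
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    problems = []
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    if name_id is None:
        problems.append("no NameID in Subject: no rule issued a Name ID claim")
    else:
        if name_id.get("Format") != EMAIL_FORMAT:
            problems.append("NameID Format is %r, expected email" % name_id.get("Format"))
        value = (name_id.text or "").strip()
        if value.count("@") != 1 or value.startswith("@") or value.endswith("@"):
            problems.append("NameID value %r is not an e-mail address" % value)
    audiences = [a.text for a in root.findall(".//saml:AudienceRestriction/saml:Audience", NS)]
    if expected_audience not in audiences:
        problems.append("Audience %r does not include %r" % (audiences, expected_audience))
    return problems

def build_sample(name_id_xml, audience):
    """Constructed sample response (not captured from a real ADFS server)."""
    xml = (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion>'
        '<saml:Subject>%s</saml:Subject><saml:Conditions><saml:AudienceRestriction>'
        '<saml:Audience>%s</saml:Audience></saml:AudienceRestriction></saml:Conditions>'
        '</saml:Assertion></samlp:Response>' % (name_id_xml, audience)
    )
    return base64.b64encode(xml.encode()).decode()

# Assumption: the audience is the per-org identifier given in the thread.
AUDIENCE = "https://elastic.snaplogic.com/api/1/rest/admin/sso/login?org_path=org_name_here"
GOOD = build_sample('<saml:NameID Format="%s">jane@example.com</saml:NameID>' % EMAIL_FORMAT, AUDIENCE)
# Constructed failing case: a username as Name ID with no Format, root login URL as audience.
BAD = build_sample('<saml:NameID>CORP\\jane</saml:NameID>', AUDIENCE.split("?")[0])

if __name__ == "__main__":
    for label, sample in (("good", GOOD), ("bad", BAD)):
        print(label, check_assertion(sample, AUDIENCE) or "OK")
```

The `SAMLResponse` value to feed in is the form field the browser posts back after the ADFS login, as shown in the browser's developer tools.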