SnapLogic - Integration Nation

Acosta · ‎03-23-2018

I’m attempting to setup SSO via ADFS. The org is set up and I’ve downloaded the metadata and created the Relying Party Trust, but there’s no information on what I should use in the claim rules - email address → username or username didn’t work.

epearson · ‎10-12-2018

Did you figure this out? Running into same issue.

Acosta · ‎10-16-2018

Yes I got it working with ADFS. I did the following:

Claim Rules:
LDAP Attributes:
- Email as Name ID (LDAP Attributes)
- Email as ADFS 1.x Email Address (LDAP Attributes)

ADFS 1.x E-Mail address - Transform Claim:
* Incoming claim type: ADFS 1.x E-Mail address
* Outgoing claim type: Name ID
* Outgoing nameID Format: email
* Passthrough all claim types: selected

Identifiers:
- if you have multiple orgs, setup SSO on all of them and a Relaying Trust Party for each of them using the full login URL as an identifier: https://elastic.snaplogic.com/api/1/rest/admin/sso/login?org_path=**_org_name_here_**
- For one of your Relaying Trust Party, in my case my Dev org, I also added the root part of the login URL as an identifier: https://elastic.snaplogic.com/api/1/rest/admin/sso/login.

URL to trigger SSO login:
You must use the org you setup with the “root” login URL:
* Option 1 - Direct URL with ORG name
* Option 2 - Go to SnapLogic login page, click on “Log in via SSO”, type your Org name in the box and log in.

SnapLogic - Integration Nation

SSO with ADFS missing Claim Rules