SAML 2.0 single sign-on (SSO) supports integration with Microsoft Active Directory Federation Services (ADFS) 3.0.

Note: If you're using the Playvox Europe hosted site, make sure to change every .com in the URLs to .eu.

Step 1: On your ADFS server, open AD FS Management.

Log in to your AD FS server and launch the ADFS Management Console via the shortcut in Control Panel\Administrative Tools.

Step 2: Right-click on Relying Party Trusts and select Add Relying Party Trust. This will launch the Add Relying Party Trust Wizard.

Step 3: In the Select Data Source step, choose Enter data about the relying party manually.

Step 4: Enter a Display name and click Next.

Step 5: Choose AD FS profile with SAML 2.0 and click Next.

Step 5: Click Next on the Configure Certificate screen without choosing any certificates.

Step 6: Select Enable support for the SAML 2.0 WebSSO protocol.

Step 7: Enter the login URL https://my.playvox.com/saml/consumer and click Next.

If you're using the Playvox Europe hosted site, make sure to change every .com in the URLs to .eu: https://my.playvox.eu/saml/consumer

Note: Please make sure that you always use an https URL.

Step 8: Add a Relying party trust identifier.

Add https://my.playvox.com/saml/audience and click Next.

If you're using the Playvox Europe hosted site, make sure to change every .com in the URLs to .eu: https://my.playvox.eu/saml/audience

Step 9: Click Next until you reach the Finish screen.

Step 10: Choose to Open the Edit Claim Rules dialog before clicking Finish to edit further configuration. This will launch the Edit Claim Rules window.

Step 11: Click on Add Rule and Choose Claim Rule as Send LDAP Attributes as Claims.

Step 13: You can add the Outgoing claim Type as shown in the image here.

Step 14: Click Finish.

Step 15: Click Add Rule again, choose Transform an Incoming Claim and click Next.

Step 16: Set up Email ID to be sent as NameID as shown below and click Finish.

Make sure that the order is maintained (LDAP Attributes followed by the NameID) and click Apply.

Step 17: On the AD FS Management window, right-click on the Relying Party for Playvox and choose Properties. Under the Advanced tab, choose SHA-256 as the Secure hash algorithm.

Step 18: On the AD FS Management Window, choose Services -> Certificates and double click on Token Signing Certificate, which will give you an option "copy to file". By doing this, you will be able to export the X509 certificate from the raw file.

Step 19: Copy the X509 Certificate from the file.

Playvox Settings

  1. Log in to your Playvox account, then under the gear settings click on Community.
  2. Click on the Security tab.
  3. Under the authentication section, you'll find multiple options for authentication using external providers. Select the option "Allow SAML sign on for everyone".

If the option is not visible on your site, please reach out to our team at support@playvox.com.

4. Once the option is activated, Playvox will request some additional information to complete the configuration.

Remote Login URL

http://YOUR_ADFS_SERVERNAME/adfs/ls/

Remote Logout URL

http://YOUR_ADFS_SERVERNAME/adfs/ls/?wa=wsignout1.0

Issuer URL

http://YOUR_ADFS_SERVERNAME/adfs/services/trust

X.509 Certificate

Insert your generated X.509 Certificate.

You are now set to log in with ADFS SAML SSO in Playvox.
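To confirm the setup after a test login, the added example below (not Playvox or Microsoft code) checks a decoded SAML response against the values from Steps 7, 8, 16 and 17 and the Issuer URL. The host name adfs.example.test, the sample response and the function name check_response are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
ACS_URL = "https://my.playvox.com/saml/consumer"    # Step 7 (.eu for the Europe site)
AUDIENCE = "https://my.playvox.com/saml/audience"   # Step 8
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"  # Step 17
ISSUER = "http://adfs.example.test/adfs/services/trust"  # constructed host name

# Constructed sample of a decoded response; signature and digest values are omitted.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    Destination="https://my.playvox.com/saml/consumer">
  <saml:Assertion>
    <saml:Issuer>http://adfs.example.test/adfs/services/trust</saml:Issuer>
    <ds:Signature><ds:SignedInfo>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    </ds:SignedInfo></ds:Signature>
    <saml:Subject><saml:NameID>agent@example.test</saml:NameID></saml:Subject>
    <saml:Conditions><saml:AudienceRestriction>
      <saml:Audience>https://my.playvox.com/saml/audience</saml:Audience>
    </saml:AudienceRestriction></saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""

def check_response(xml_text, issuer=ISSUER):
    """List mismatches between a decoded SAML response and the settings above.
    Checks configuration only; it does not verify the XML signature."""
    root = ET.fromstring(xml_text)
    problems = []
    if root.get("Destination") != ACS_URL:
        problems.append("Destination is not the Playvox consumer URL")
    if root.findtext(".//saml:Assertion/saml:Issuer", namespaces=NS) != issuer:
        problems.append("Issuer does not match the Issuer URL entered in Playvox")
    audiences = [a.text for a in root.iterfind(".//saml:Audience", NS)]
    if AUDIENCE not in audiences:
        problems.append("Audience is not the relying party trust identifier")
    name_id = root.findtext(".//saml:Subject/saml:NameID", default="", namespaces=NS)
    if "@" not in name_id:
        problems.append("NameID is not an e-mail address")
    algorithms = [m.get("Algorithm") for m in root.iterfind(".//ds:SignatureMethod", NS)]
    if not algorithms or any(a != RSA_SHA256 for a in algorithms):
        problems.append("Signature is missing or not RSA-SHA256")
    return problems

if __name__ == "__main__":
    print(check_response(SAMPLE) or "response matches the configuration")
```

An empty list means the response carries the configured consumer URL, audience, issuer, e-mail NameID and SHA-256 signature method.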

If you have any questions or need help with configuring the ADFS SAML SSO, please contact support@playvox.com.

Last Edited: 24.06.20
