SAML 2.0 single sign-on (SSO) supports integration with Microsoft Active Directory Federation Services (ADFS) 3.0.
Note: If you're using the Playvox Europe hosted site, make sure to change every .com in the URLs to .eu.
Step 1: On your AD FS server, open AD FS Management.
Log in to your AD FS server and launch the AD FS Management console via the shortcut in Control Panel\Administrative Tools.
Step 2: Right-click on Relying Party Trusts and select Add Relying Party Trust. This will launch the Add Relying Party Trust Wizard.
Step 3: In the Select Data Source step, choose Enter data about the relying party manually.
Step 4: Enter a Display name and click Next.
Step 5: Choose AD FS profile with SAML 2.0 and click Next.
Step 5: Click Next on the Configure Certificate screen without choosing any certificates.
Step 6: Select Enable support for the SAML 2.0 WebSSO protocol.
Step 7: Enter the login URL https://my.playvox.com/saml/consumer and click Next.
If you're using the Playvox Europe hosted site, change the .com in the URL to .eu: https://my.playvox.eu/saml/consumer
Note: Please make sure that you always use an https URL.
Step 8: Add a Relying party trust identifier.
Add https://my.playvox.com/saml/audience and click Next.
If you're using the Playvox Europe hosted site, change the .com in the URL to .eu: https://my.playvox.eu/saml/audience
Step 9: Click Next until you reach the Finish screen.
Step 10: Select Open the Edit Claim Rules dialog before clicking Finish so that you can continue the configuration. This will launch the Edit Claim Rules window.
Step 11: Click Add Rule and choose Send LDAP Attributes as Claims as the claim rule.
Step 13: You can add the Outgoing claim Type as shown in the image here.
Step 14: Click Finish.
Step 15: Click Add Rule again, choose Transform an Incoming Claim and click Next.
Step 16: Set up Email ID to be sent as NameID as shown below and click Finish.
Make sure that the order is maintained (LDAP Attributes followed by the NameID) and click Apply.
Step 17: In the AD FS Management window, right-click the Relying Party for Playvox and choose Properties. Under the Advanced tab, choose SHA-256 as the Secure hash algorithm.
Step 18: In the AD FS Management window, choose Services -> Certificates and double-click the Token Signing Certificate, which will give you the option "Copy to File". By doing this, you will be able to export the X509 certificate from the raw file.
Step 19: Copy the X509 Certificate from the file.
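Steps 2 through 17 can also be scripted with the ADFS PowerShell module, which makes the configuration repeatable and easy to review. The script below is an added example, not Playvox's own; the display name, the `mail` LDAP attribute, the email NameID format and the permit-all authorization rule (the wizard's default choice) are assumptions, because the page's screenshots are not available.

```powershell
# Added example, not from Playvox. Run in an elevated PowerShell session
# on the primary AD FS 3.0 server (Windows Server 2012 R2).
Import-Module ADFS

$name     = 'Playvox'                                # display name (Step 4), assumed
$consumer = 'https://my.playvox.com/saml/consumer'   # Step 7 (use .eu for the Europe site)
$audience = 'https://my.playvox.com/saml/audience'   # Step 8 (use .eu for the Europe site)

# Note under Step 7: refuse anything but https for the consumer URL.
if (([uri]$consumer).Scheme -ne 'https') { throw "Consumer URL must be https: $consumer" }

# Steps 11-16: the LDAP attribute rule comes first, the NameID transform second.
# Assumptions: LDAP attribute is E-Mail-Addresses (mail); NameID format is emailAddress.
$transformRules = @'
@RuleName = "LDAP email"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory",
          types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"),
          query = ";mail;{0}", param = c.Value);

@RuleName = "Email to NameID"
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"]
 => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
          Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer,
          Value = c.Value, ValueType = c.ValueType,
          Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");
'@

# Assumption: same as the wizard default "Permit all users to access this relying party".
# A trust created from PowerShell without authorization rules permits nobody.
$authRules = '=> issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");'

# Step 6-7: SAML 2.0 WebSSO assertion consumer endpoint, POST binding.
$endpoint = New-AdfsSamlEndpoint -Binding 'POST' -Protocol 'SAMLAssertionConsumer' -Uri $consumer

Add-AdfsRelyingPartyTrust -Name $name -Identifier $audience -SamlEndpoint $endpoint `
    -IssuanceTransformRules $transformRules -IssuanceAuthorizationRules $authRules `
    -SignatureAlgorithm 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'   # Step 17: SHA-256

# Read back what AD FS stored so the result can be compared with the steps above.
Get-AdfsRelyingPartyTrust -Name $name |
    Select-Object Name, Identifier, SignatureAlgorithm, Enabled,
                  @{ n = 'Endpoints'; e = { $_.SamlEndpoints.Location } }
```

If you restrict access to specific groups instead of permitting all users, replace the authorization rule before running the script.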
1. Log in to your Playvox account. Under the gear settings, click on Community.
2. Click on the Security tab.
3. Under the authentication section, you'll find multiple options for authentication using external providers. Select the option "Allow SAML sign on for everyone".
In case the option is not visible on your site, please reach out to our team at email@example.com.
4. Once the option is activated, Playvox will request some additional information to complete the configuration.
Remote Login URL
Remote Logout URL
Insert your generated X.509 Certificate.
You are now set to log in with ADFS SAML SSO in Playvox.
If you have any questions or need help with configuring the ADFS SAML SSO, please contact firstname.lastname@example.org
Last Edited: 24.06.20