...
About SAML Single Sign-On in ZPC
Single Sign-On can be set up in ZPC against any Identity Provider (IdP) that supports SAML 2.0. This guide covers the steps required to set up SAML SSO against ADFS. For an exhaustive list of supported IdPs, visit SAML-based products and services.
Export the SP Metadata to provide to your IdP.
...
Adding ZPC as a Service Provider (SP) in ADFS using the metadata.xml file:
Click on Add Relying Party Trust
Select default option “Claims Aware”
Select “Import data about the relying party from a file”
Upload the Service Provider (SP) metadata file from the previous step.
Provide a meaningful Display Name for the ZPC relying party and click “Next”
Select “Permit everyone” and click “Next”
Enable the “Configure claims issuance policy for this application” checkbox and click “Close”
Configure Name Identifier (NameID)
Configuring Name Identifier in ADFS
Edit Claim Issuance Policy
Click “Add Rule”
Choose Claim rule template “Send LDAP Attributes as Claims” and click “Next”
Provide a Claim rule name, select the Attribute Store “Active Directory” from the dropdown, map the value of the Username Attribute from LDAP Management in ZPC to Name ID, and click “Finish”.
Download your Identity Provider (IdP) Metadata
Download ADFS IDP Metadata
Paste this link into your browser to download your IdP metadata.
https://<hostname>/federationmetadata/2007-06/federationmetadata.xml
...
Go back into ZPC and complete the SAML SSO Configuration
Import your IDP metadata
Enable SSO
Log out of ZPC
Go to the ZPC URL and click the teal login button to authenticate using SAML SSO
For any login issues with SSO, please reach out to ZIRO Support.
...