Setting Up SSO for ZPC with ADFS
About SAML Single Sign-On in ZPC
Single Sign-On can be setup in ZPC against any Identity Provider (IdP) which supports SAML 2.0.
This guide covers the steps required to setup SAML SSO against ADFS.
For an exhaustive list of supported IDP’s, visit SAML-based products and services.
Provide ZPC Service Provider (SP) Metadata to your Identity Provider (IdP)
Export the SP Metadata to provide to your IdP.
Adding ZPC as a Service Provider (SP) in ADFS using metadata.xml file:
Click on Add Relying Party Trust
Select default option “Claims Aware”
Select “Import data about the relying party from a file”
Upload the Service Provider (SP) metadata file from previous step.
Provide a meaningful Display Name for ZPC relying party and click “Next”
Select “Permit everyone” and click “Next”
Enable “Configure claims issuance policy for this application” checkbox and click “Close”
Configure Name Identifier (NameID)
Edit Claim Issuance Policy
Click “Add Rule”
Choose Claim rule template “Send LDAP Attributes as Claims” and click “Next”
Provide a Claim rule name, select the Attribute Store “Active Directory” from the dropdown, provide the value from Username Attribute from LDAP Management in ZPC to Name ID mapping and click “Finish”.
Download your Identity Provider (IdP) Metadata
Drop this link in your browser to download your IdP metadata.
https://< hostname >/federationmetadata/2007-06/federationmetadata.xmlGo back into ZPC and complete the SAML SSO Configuration
Import your IDP metadata
Enable SSO
Logout from ZPC
Go to the ZPC URL & click the teal login button to authenticate using SAML SSO
For any login issues with SSO, please reach out to ZIRO Support.
SSO Configuration Complete ✔
Once logged in you will have initiated a Single Sign-On session which will give you access to all other applications registered to your IdP server without having to re log-in.