Identity provider - SAML

AVAILABLE IN 9.7.6 AND LATER

Overview

Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.

AD FS configuration for VFC SAML Identity Provider

Configuration

Item Description
NameThe name of the Identity provider configuration. This can be anything
TypeSelect SAML.
Verba Login ID does not Contain DomainIf the login IDs on the VFC side contain the domain part, then untick this option.
Strict (Verify Signatures)If you VFC to verify the signature of the certificate of the SAML login page, then tick this option. Otherwise, untrusted certificates will be accepted also.
Service Provider Entity IDProvide the URL of the VFC server in the following format: https://server-fqdn/verba
Identity Provider ID

Provide the URL of the AD FS server in the following format: https://server-fqdn/adfs/services/trust

Identity Provider Login URLProvide the URL of the AD FS server in the following format: https://server-fqdn/adfs/ls
Identity Provider CertificateProvide the token signing certificate of the AD FS server. See AD FS configuration for VFC SAML Identity Provider step 21.
Sign Authentication RequestTick this option if you want the VFC side to sign the authentication requests. In this case, the signing certificate also has to be configured on the AD FS side.