Versions Compared

Old Version 8

changes.mady.by.user Thomas Sherman

Saved on

compared with

New Version 9

changes.mady.by.user Stephan Golux

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

You can configure ADFS to consume and respond to SAML 2.0 requests. That means it is possible to make it work with Projector's Single Sign On implementation. Please keep in mind that SSO is only supported by Projector Web and not by Management Portal or our mobile website. This page will walk you through a general configuration.

This page assumes that the AD FS 2.0 snap-in is already installed and configured for your organization.

...

  1. Go to AD FS | Service | Certificates
  2. Under Token-signing, right click and choose View Certificate
     
  3. Go to the Details tab and choose Copy to File
     
  4. Click Next
  5. Choose radio button for Base-64 encoded x.509 (.CER)
  6. Save to your computer
  7. Send the certificate to the Projector support team

 

Endpoint URL

You need to send Projector an endpoint URL. To find yours, go to AD FS | Service | Endpoints. Send the value for the SAML 2.0/W-Federation URL to Projector support. If you chose the defaults for the installation, this will be your doman, ending in /adfs/ls/.

 

Secure Hash Algorithm

As SHA-1 has known security vulnerabilities, Projector recommends using SHA-256. You can check your algorithm by going to AD FS | Trust Relationships | Relying Party Trusts | ProjectorPSA and going to the Advanced subtab.

...

In the event that your ADFS configuration is not working, you can use our troubleshooting tool to view the SAML request and response. This will likely identify any outstanding issues.

 

  1. Visit https://projectorsamltroubleshooterprojector-saml-troubleshooter.azurewebsites.net/Home/Menu
  2. Click Get Assertion Endpoint URL
    1. Enter your Account Code
    2. Click (Re)Construct Data
    3. Copy the Assertion Endpoint URL
    4. Go to AD FS | Trust Relationships | Relying Party Trusts | Edit ProjectorPSA
    5. Go to the Endpoints tab
    6. Update your end endpoint to be the URL you copied in step 5
    7. Click Main Menu
       
  3. Click Upload Certificate
    1. Upload the x.509 certificate you sent to Projector support
    2. Click Main Menu
       
  4. Click Set Request Endpoint URL
    1. End your endpoint URL. It typically ends in /adfs/ls
    2. Click Main Menu
       
  5. Click Set Message Level
    1. Choose Debug from dropdown box
    2. Click Submit
    3. Click Main Menu
       
  6. Click Mock SAML Request
    1. You'll be prompted to enter your username. Enter your email address.
    2. Submit
    3. Copy the output and send it to Projector support

...