Configuring AchieveIt SSO with ADFS

Using Microsoft ADFS as the SSO Provider for AchieveIt

  1. Open the ADFS Management Console.
  2. Click on Add Relying Party Trust.
  3. Click Start on the first step.
  4. Select Enter data about the relying party manually and click Next.
  5. Enter an arbitrary name (e.g. "YOUR_APP_NAME") and click Next.
  6. Leave the default selection (ADFS 2.0 profile) and click Next.
  7. Leave the default (no encryption certificate) and click Next.
  8. Check Enable support for the WS-Federation Passive protocol URL, enter the following value in the textbox and click Next.

https://achieve-it.auth0.com/login/callback

  9. Add a Relying party trust identifier with the following value and click Add and then Next.

urn:auth0:achieve-it

  10. Leave the default option (Permit all users...) and click Next.
  11. Click Next and then Close. The UI will show a new window to edit the Claim Rules.
  12. Click on Add Rule...
  13. Leave the default option (Send LDAP Attributes as Claims).
  14. Give the rule an arbitrary name that describes what it does. For example:

Map ActiveDirectory attributes (mail -> Mail, displayName -> Name, userPrincipalName -> NameID, givenName -> GivenName, sn -> Surname)

  15. Select the mappings as shown in this image and click Finish.
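
The same relying party trust can be created and then checked from PowerShell on the primary ADFS server. This is an added example, not part of the original page: the claim type URIs are the standard ADFS claim types assumed to correspond to the Mail, Name, NameID, GivenName and Surname mappings named in the rule above, and YOUR_APP_NAME is the placeholder from the naming step.

```powershell
# Added example: scripted equivalent of the wizard steps, followed by a verification pass.
$name       = 'YOUR_APP_NAME'                                # arbitrary display name (placeholder)
$identifier = 'urn:auth0:achieve-it'                         # relying party trust identifier
$endpoint   = 'https://achieve-it.auth0.com/login/callback'  # WS-Federation Passive URL

# "Send LDAP Attributes as Claims" rule. Claim type URIs are assumed standard ADFS types.
$ns = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims'
$transformRules = @"
@RuleTemplate = "LdapClaims"
@RuleName = "Map ActiveDirectory attributes"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory",
    types = ("$ns/emailaddress", "$ns/name", "$ns/nameidentifier", "$ns/givenname", "$ns/surname"),
    query = ";mail,displayName,userPrincipalName,givenName,sn;{0}", param = c.Value);
"@

# Equivalent of the default "Permit all users" option.
$authRules = '=> issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");'

Add-AdfsRelyingPartyTrust -Name $name -Identifier $identifier -WSFedEndpoint $endpoint `
    -IssuanceTransformRules $transformRules -IssuanceAuthorizationRules $authRules

# Verify that the stored trust matches the values given in the steps above.
$rp = Get-AdfsRelyingPartyTrust -Name $name
$problems = @()
if (-not $rp.Enabled)                              { $problems += 'trust is disabled' }
if ($rp.Identifier -notcontains $identifier)       { $problems += 'identifier missing' }
if ($rp.WSFedEndpoint.AbsoluteUri -ne $endpoint)   { $problems += 'WS-Federation endpoint differs' }
if ($rp.WSFedEndpoint.Scheme -ne 'https')          { $problems += 'endpoint is not HTTPS' }
if ($rp.EncryptionCertificate)                     { $problems += 'unexpected encryption certificate' }
foreach ($attr in 'mail', 'displayName', 'userPrincipalName', 'givenName', 'sn') {
    if ($rp.IssuanceTransformRules -notmatch [regex]::Escape($attr)) {
        $problems += "claim rule does not read LDAP attribute $attr"
    }
}

if ($problems) { $problems | ForEach-Object { Write-Warning $_ } }
else           { Write-Output "Relying party trust '$name' matches the documented configuration." }
```

The verification half can be run on its own later to detect drift, for example an endpoint or identifier changed after the initial setup.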