Manually Add CSM as a Relying Party
Add CSM Service Provider to Microsoft Active Directory Federation Services (ADFS) as a relying party.
This topic applies to versions of ADFS that are currently supported by Microsoft.
To manually add CSM as a relying party:
- Start the ADFS x.x Manager.
- Under Trust Relationships (left of the window), select Relying Party Trusts.
- On the right, select Add Relying Party Trust.
- Select Start.
- Select Enter data about the relying party manually, and then select Next.
- Provide a display name, and then select Next.
- Select ADFS x.x profile, and then select Next.
- Import an encryption certificate:
- Select Browse, and then select the certificate (.cer file) that was used when setting up the CSM Service Provider.
- Select Next.
- Select Enable support for the Saml 2.0 WebSSO protocol, and enter the URL to the Cherwell web service page that is used as the assertion consumer. This is the domain followed by CherwellAPI/saml/assertion (example: https://www.mycompany.com/CherwellAPI/saml/assertion).
- Select Next.
- Provide a URL for the relying party trust identifier. The URL must match what was entered in CSM as the service provider entity ID.
- Select Add, and then Next.
- Select Permit all users to access this relying party, and then select Next.
- Verify the selections, and then select Next.
- Ensure that the Open the Edit Claim Rules dialog for this relying party when the Wizard closes option is selected, and then select Close.
- On the Issuance Transform Rules tab, select Add Rule, and then follow the instructions for the desired type of ID.