All Collections
Administrators
Advanced
SSO Configuration in the Desktop Application
SSO Configuration in the Desktop Application
Jared avatar
Written by Jared
Updated over a week ago

SSO Configuration has two parts, generating your metadata XML and generating the Workgroups DaVinci Application and Portal metadata XML.

Generating Identity Provider Metadata xml file

Once you have ADFS installed and configured on your server (see the Microsoft KB article), you will need the ADFS Identity Provider Metadata xml file. Usually this xml file is located at the following address, or you can find the URL in the ADFS Management Console (Service > Endpoints > Metadata > Type:Federation Metadata):

  • https://<server>/FederationMetadata/2007-06/FederationMetadata.xml

  • Next, remove all sections from the downloaded file except IDPSSODescriptor

2016-10-24_13h03_44.png

Importing Identity Provider Metadata xml file

  • Open the desktop application

  • Go to Configuration > Configuration Dashboard > Single Sign On (Please note if you do not see this widget you will need to add it by going to “Add Widget” in the top right corner of the dashboard.)

  • Click on the arrow next to “Configuration” > click “Login using Single Sign On”

  • Copy and paste your edited ADFS Identity Provider Metadata xml file in the window, "Identity Provider metadata xml"

  • Click "Save"

Configuration_Dashboard_SSO_metadata_window.png

Entering new Thumbprint

To apply a new Thumbprint before exporting metadata XMLs:

  • Access the Application Server and open "Manage file encryption certificates"

  • Expand "Personal" and click "Certificates"

  • Double-click the entry referencing the proper environment, referencing "Expiration Date" in cases with duplicate entries under "Issued To"

  • Click "Details" tab

  • Scroll down and click "Thumbprint"

  • Copy the text from the "Thumbprint" text box

  • Paste the text into the SSO widget's "Thumbprint" text box

Generating the Workgroups DaVinci Application and Portal metadata XML

To set up Relying Party Trust in ADFS you will need to generate the App Server and Portal XML files by following these steps:

  • Click the button “AppServer SAML metadata xml”

  • In the XML file that is generated, delete the “Signature” section in the file (In a text find there should 6 “Signature” results. Delete from the left carrot of the first signature result to the right carrot of the last “Signature” result.)

AppServer_Signature_Section.png

  • Save the file (as .xml)

  • Click the button “Portal SAML metadata xml”

  • In the XML file that is generated, delete the “Signature” section in the file (In a text find there should 6 “Signature” results. Delete from the left carrot of the first signature result to the right carrot of the last “Signature” result.)

Portal_XML_delete_Signature_section.png

  • Save the file (as .xml)

Did this answer your question?