Relying party trust identifier value

  • Question

  • Hi,

    I got a request to use SSO from our company to a website located on a 3rd party company.

    I read about ADFS 3.0 and the best practice with using web proxy.

    I installed ADFS 3.0 (adfs.mycompany.com) in our LAN as well as an ADFS proxy in the DMZ network, configuring the web proxy to forward the authentication to the ADFS server.

    Now I'm trying to configure ADFS with the 3rd party application.

    1. I added a relying party trust with "Claims aware".

    2. Chose to enter the data manually.

    3. Chose to enable SAML support and I entered the 3rd company URL (app1.3party.com)

    4. Now I want to add the relying party identifier. From what I understood it should be the 3rd party URL + an internal URL.

    Should I create a random URL? Or what is the value for the LDP?

    And from where can I get the metadata?

    And how do I find which hash algorithm is used, SHA-1 or SHA-2?

    Thank you in advance.

    Friday, April 28, 2017 9:04 AM

Answers

  • The 3rd party company should provide the metadata.

    If they don't have metadata, they need to provide the details.

    No, you cannot use random data.

    SAML normally uses SHA-1 so you need to change that under the "Advanced" tab.

    Friday, April 28, 2017 9:19 PM
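
As an added example (not written by anyone in this thread): when the third party does supply SAML metadata, the relying party identifier is the `entityID` of its `EntityDescriptor`, and the file may also advertise the signature algorithm through the `alg:SigningMethod` extension. The Python below reads those values out of a metadata file for review before the trust is created; the sample metadata, the `.example` host name and the function name `relying_party_settings` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
ALG = "urn:oasis:names:tc:SAML:metadata:algsupport"
NS = {"md": MD}

# Constructed sample metadata; the real file comes from the third party.
SAMPLE_METADATA = """<md:EntityDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"
    entityID="https://app1.3party.example/saml/sp">
  <md:Extensions>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
  </md:Extensions>
  <md:SPSSODescriptor WantAssertionsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0" isDefault="true"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://app1.3party.example/saml/acs"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def relying_party_settings(metadata_xml: str) -> dict:
    """Extract the values the relying party trust wizard asks for."""
    # ElementTree expands internal entities, so refuse any DTD up front.
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        raise ValueError("DTD/entity declarations are not allowed in metadata")
    root = ET.fromstring(metadata_xml)
    if root.tag != f"{{{MD}}}EntityDescriptor" or not root.get("entityID"):
        raise ValueError("expected an md:EntityDescriptor with an entityID")
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        raise ValueError("no SPSSODescriptor: this is not service provider metadata")
    acs = [{"binding": e.get("Binding", "").rsplit(":", 1)[-1],
            "location": e.get("Location", ""),
            "default": e.get("isDefault") == "true"}
           for e in sp.findall("md:AssertionConsumerService", NS)]
    return {
        "identifier": root.get("entityID"),  # relying party identifier
        "acs": acs,                          # SAML assertion consumer endpoints
        "insecure_acs": [a["location"] for a in acs
                         if not a["location"].startswith("https://")],
        # Empty list means the metadata does not say; ask the third party.
        "signing_algorithms": [m.get("Algorithm")
                               for m in root.iter(f"{{{ALG}}}SigningMethod")],
        "want_assertions_signed": sp.get("WantAssertionsSigned") == "true",
    }
```

If `signing_algorithms` comes back empty, the metadata does not declare an algorithm and the value has to be confirmed with the third party directly.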