Skip to main content
Configuring SSO with ADFS

How to configure ADFS and Casefleet to enable Single Sign-On (SSO).

Meg Hall avatar
Written by Meg Hall
Updated over 2 months ago

Step 1: Configure ADFS for Casefleet

1. Sign in to the server where ADFS is installed.

2. Open the ADFS Management console and select Relying Party Trusts. Create a new Relying Party Trust.

3. In the Select Data Source screen, select Enter Data About the Party Manually. Click next.

4. On Specify Display Name, enter Casefeet (or any recognizable name). Click next.

5. On Configure Certificate, leave the default options and click next.

6. On Configure URL, select Enable support for the SAML 2.0 WebSSO protocol. Enter https://api.casefleet.com/saml/acs/ in the URL box. Click next.

7. On Configure Identifiers, add a Relying party trust identifier of https://api.casefleet.com/saml/acs/. Click next.

8. Optionally configure MFA.

9. On Choose Issuance Authorization Rules, select Permit all users to access this relying party. Click next.

10. Ensure that Open the Edit Claim Rules Dialog box is checked and click Close.

Step 2: Configuring Claim Rules

After the relying trust party has been created, a dialog box should appear to edit the claim rules for Casefleet. If not, select Casefleet from the ADFS Relying Trust Party window and click Edit Claim Issuance Policy.

In the claim rules dialog:

1. Click Add Rule

2. In the dialog that appears, select Send LDAP Attributes as Claims. Click next.

3. On the next screen, select Active Directory as the attribute store. Then add one LDAP Attribute named E-Mail-Addresses that pairs with an Outgoing Claim Type of Email. Click OK.

Step 3: Integrate Casefleet with your IDP

1. As an Administrator, visit Account Settings for your Casefleet account.

2. Select "Single Sign-On" in the left-hand menu. If you do not see this link, SSO has not yet been enabled for your account. Contact support@casefleet.com for assistance.

3. Enter the SSO URL for your ADFS server. By default this looks like https://adfs.domain.com/adfs/ls

4. Enter the IDP for your ADFS server. By default this looks like http://adfs.domain.com/adfs/services/trust

5. From ADFS's Encryption tab, right click the Token-Signing certificate and click View Certificate.

6. Under the details tab, select Copy to File and select Base-64 encoded X.509 (.CER).

7. Copy the contents of the .cer file into the X.509 Certificate field.

8. Your Casefleet Single Sign-On settings should look like this:

9. Click Save

Before moving on, be sure to double-check that everything has been configured correctly by attempting to log in with single sign-on. You can always update your SSO configuration details by clicking "Edit" on the "Single Sign-On" page in Account Settings.

Did this answer your question?