Instructions for setting up ADFS as a SAML Identity Provider for Donesafe
1. Add a relying party trust in AD.
2. Configure the relying party manually.
3. Set Display name to "Donesafe".
4. Add ADFS profile.
5. Leave default settings on next screen and just click “Next”.
6. Enable SAML 2.0.
The Service URL will be the address of your Donesafe account, with /federation/saml/callback appended to it, e.g. https://acme.donesafe.com/federation/saml/callback
7. Set the relying party trust identifier to “donesafe”.
8. Do not configure multi-factor authentication.
9. Permit all users to access the relying party.
10. Select the “edit claim rules” checkbox, and close the dialog.
11. Click on “Add Rule”.
12. Select “Send LDAP Attributes as Claims”.
13. Select Email Address.
14. Once the RPT is complete, select Properties->Actions->Advanced and set SHA-1 as the hash algorithm.
Please provide SAML 2.0 metadata XML to Donesafe.
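
The same relying party trust can be created and checked from PowerShell on the AD FS server; this script is an added example, not part of the original instructions or Donesafe's own tooling. It assumes the POST binding for the callback endpoint, the AD `mail` attribute mapped to the E-Mail Address claim, authorization-rule syntax for "permit all users", and `adfs.example.com` as a placeholder for your federation service host.

```powershell
# Added example: scripted equivalent of steps 1-14, run as an AD FS administrator.
Import-Module ADFS

$name       = 'Donesafe'                                            # step 3
$identifier = 'donesafe'                                            # step 7
$acsUrl     = 'https://acme.donesafe.com/federation/saml/callback'  # page's example URL
# Step 14: the page specifies SHA-1 (the AD FS default is SHA-256).
$sigAlg     = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'
$adfsHost   = 'adfs.example.com'                                    # placeholder host

# Step 6: SAML 2.0 assertion consumer endpoint (POST binding is an assumption).
$endpoint = New-AdfsSamlEndpoint -Binding 'POST' -Protocol 'SAMLAssertionConsumer' -Uri $acsUrl

# Step 9: permit all users to access the relying party.
$authzRules = @'
@RuleTemplate = "AllowAllAuthzRule"
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
'@

# Steps 11-13: "Send LDAP Attributes as Claims", mail -> E-Mail Address (assumed mapping).
$claimRules = @'
@RuleTemplate = "LdapClaims"
@RuleName = "Email"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"), query = ";mail;{0}", param = c.Value);
'@

Add-AdfsRelyingPartyTrust -Name $name -Identifier $identifier -SamlEndpoint $endpoint `
    -IssuanceAuthorizationRules $authzRules -IssuanceTransformRules $claimRules `
    -SignatureAlgorithm $sigAlg

# Read the trust back and compare it with the values the instructions call for.
$rpt = Get-AdfsRelyingPartyTrust -Name $name
$problems = @()
if ($rpt.Identifier -notcontains $identifier) { $problems += "identifier is '$($rpt.Identifier)'" }
if ($rpt.SignatureAlgorithm -ne $sigAlg)      { $problems += "signature algorithm is '$($rpt.SignatureAlgorithm)'" }
if (-not ($rpt.SamlEndpoints | Where-Object { "$($_.Location)" -eq $acsUrl })) {
    $problems += "no SAML endpoint at $acsUrl"
}
if ($rpt.IssuanceTransformRules -notmatch 'emailaddress') { $problems += 'email claim rule missing' }

if ($problems) { $problems | ForEach-Object { Write-Warning $_ } }
else           { Write-Output "Relying party trust '$name' matches the documented settings." }

# Final step: save the federation metadata XML to send to Donesafe.
Invoke-WebRequest -Uri "https://$adfsHost/FederationMetadata/2007-06/FederationMetadata.xml" `
    -OutFile "$env:TEMP\FederationMetadata.xml"
```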