Using this form an administrator can setup user authentication in ADFS (Active Directory Federation Services).
How to prepare the configuration on the ADFS server can be found HERE.
The form looks like this:
...
The items of the settings form have the following meaning:
...
Here the unique identifier of this ADFS client (the specific SOFiE application instance) should be entered. Must be the same as on the ADFS server side.
Directory (tenant) ID
For a standart ADFS leave the default string “adfs” filled in.
Title
Optional title. If filled in, it is displayed on the login button for the users instead of the default text “Login as internal employee“.
Public key
During configuration on the ADFS server, a key pair is created for each application/client, which will be used to sign information passed by the ADFS after the user’s authentication back to the application. The public part of this key pair must be entered into the application (in PEM format), so the application can verify the signature by the ADFS server and ensure the information integrity.
Retrieve public key
The button allows you to automatically load the public key from the metadata of the ADFS server and populate it into the field above. To make it work, it is necessary to modify the nginx configuration. See the https://wikisonpo.atlassian.net/wiki/spaces/SPEN/pages/2955509761/Upgrade+notes+Instructions+for+upgrading+to+a+new+version for version 2.4.1 for instructions.
Redirect URI
Read-only preview of the URL that should be configured on the side of the ADFS server, so the server can redirect logged in clients back to the SOFiE application.