Single Sign-On with ADFS requires configuring WorkBoard as an application in ADFS.
- Ensure your WorkBoard technical point of contact has received your organization's federated metadata XML file or URL.
- Enter the required fields as mentioned below. Organization_unique_identifier will be provided to you by WorkBoard.
- Use these base URLs in the following configuration:
  - Assertion Consumer Service (ACS)
  - Relay State URL
  - SP Metadata URL
  - Name ID: Email address
  - Name ID Format: UNSPECIFIED
- Open the ADFS management console and click Add Relying Party Trust.
- Select Import data about the relying party published online or on a local network.
- Enter the WorkBoard SP Metadata URL (above).
- Click Add Rule on the Issuance Transform Rules tab
- Select Send LDAP Attributes as Claims and click Next
  - Enter a Claim rule name, such as Get Attributes.
  - Set the Attribute store to Active Directory.
  - Type in E-Mail-Addresses for the first LDAP attribute.
  - Set its outgoing type to E-Mail Address.
  - Type in Display-Name for the second LDAP attribute and set its outgoing type to Name.
  - Click Finish when you are done.
- Click Add Rule on the Issuance Transform Rules tab again.
- Select Transform an Incoming Claim and click Next.
  - Enter a Claim rule name, such as Name ID Transform.
  - Set Incoming claim type to E-Mail Address.
  - Set Outgoing claim type to NameID.
  - Set Outgoing name ID format to Unspecified.
  - Select Pass through all claim values, click Finish, and close the Wizard.
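
The relying party trust and the two claim rules above can also be created and checked from PowerShell on the AD FS server. This is an added example, not WorkBoard's own script: the trust name and the metadata URL placeholder are assumptions, and the rule text is the claim rule language that the two wizard templates above produce.

```powershell
# Added example: scripted equivalent of the wizard steps above.
# Run in an elevated session on the primary AD FS server.
Import-Module ADFS

$trustName   = 'WorkBoard'                          # assumed display name for the trust
$metadataUrl = '<SP_METADATA_URL_FROM_WORKBOARD>'   # placeholder: use the SP Metadata URL WorkBoard gives you

# Rule 1 = "Send LDAP Attributes as Claims" (E-Mail-Addresses -> E-Mail Address, Display-Name -> Name)
# Rule 2 = "Transform an Incoming Claim"    (E-Mail Address -> NameID, format Unspecified)
$rules = @'
@RuleTemplate = "LdapClaims"
@RuleName = "Get Attributes"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"), query = ";mail,displayName;{0}", param = c.Value);

@RuleTemplate = "MapClaims"
@RuleName = "Name ID Transform"
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"]
 => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, ValueType = c.ValueType, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified");
'@

# Refuse to import SP metadata over an unauthenticated channel.
if ($metadataUrl -notmatch '^https://') {
    throw "Metadata URL must be HTTPS: $metadataUrl"
}

# Who may use the trust (access control policy / issuance authorization rules)
# is not covered by the steps above and is not set here.
Add-AdfsRelyingPartyTrust -Name $trustName -MetadataUrl $metadataUrl -IssuanceTransformRules $rules

# Read the trust back and review what was actually imported from the metadata.
$rp = Get-AdfsRelyingPartyTrust -Name $trustName
$rp | Select-Object Name, Identifier, Enabled, SignatureAlgorithm | Format-List
$rp.SamlEndpoints | Select-Object Protocol, Binding, Location | Format-Table -AutoSize

# Flag anything that does not match the values on this page.
if ($rp.SamlEndpoints | Where-Object { $_.Location -notmatch '^https://' }) {
    Write-Warning 'A SAML endpoint is not HTTPS; compare it with the ACS URL supplied by WorkBoard.'
}
if ($rp.IssuanceTransformRules -notmatch 'nameid-format:unspecified') {
    Write-Warning 'NameID rule missing or not using the Unspecified format.'
}
```

Compare the listed identifier and endpoint locations against the ACS and metadata values WorkBoard supplied before testing a login.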
Test it out
- Log in to WorkBoard
  - For IDP Initiated Authentications
    - Click on the WorkBoard link or tile listed under your Application portal
  - For SP Initiated Authentications
    - Go to https://www.myworkboard.com/wb/user/login in your browser tab
    - Click on Login with your company ID
    - Enter your company email address to log in. You will be redirected to WorkBoard once you authenticate using your company credentials in your company’s web portal.