
ADFS via SAML

Prerequisites

  1. You must have an Aerofiler subscription that supports ADFS via SAML integration and Aerofiler Support must have enabled the integration for your Account.

  2. You have provided Aerofiler with the URL to download the federation metadata.

  3. Aerofiler has provided you with an XML file, which is used in the steps below to configure your Relying Party Trust.

Details

  1. Open “AD FS Management”

  2. Add a new Relying Party Trust:

    1. Click “Add Relying Party Trust” in the Relying Party Trusts section, and configure with the following:

    2. “Claims aware”, then Next

    3. “Import data about the relying party from a file”, and load the file received from Aerofiler, then Next

    4. Enter a suitable Display Name and Notes if necessary, then Next

    5. Choose a relevant Access Control Policy for your organisation’s requirements, then Next

    6. In the “Ready to Add Trust” screen, go to Advanced and ensure SHA-256 is selected as the hash algorithm, then Next

    7. Ensure “Configure claims issuance policy for this application” is selected, then “Close”

  3. Configure Claim Issuance Policy

    1. The “Edit Claim Issuance Policy” window should open automatically. If it does not, right-click the relying party object that you created in the Relying Party Trusts list and click Edit Claims Rules

    2. Add Name ID rule:

      1. In the Claim rule template list, select the “Transform an Incoming Claim” template, and then click Next.

      2. Name the rule

      3. Incoming Claim Type: UPN

      4. Outgoing Claim Type: Name ID

      5. Outgoing Name ID Format: Email

      6. Pass through all claim values (the default)

      7. Click Finish

    3. Click OK to finish creating the rule.

  4. Notify Aerofiler that the setup within your server is complete.

  5. Aerofiler will then enable ADFS via SAML login within your environment.

Appendix - UPN Does Not Match Aerofiler Email Address

If the UPNs for users in your Active Directory do not match the email addresses used as logins within Aerofiler, and you wish to use the “E-mail” attribute of a user instead, configure the following rule in addition to the above rule:

Email Rule:

  1. In the Claim rule template list, select the “Send LDAP Attributes as Claims” template, and then click Next.

  2. Name the rule

  3. For Attribute Store, select your Active Directory store

  4. Add the following mapping:

    1. LDAP Attribute: E-Mail-Addresses

    2. Outgoing Claim Type: E-Mail Address

  5. Click Finish
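
The steps under Details and the appendix rule can also be scripted with the AD FS PowerShell module, which makes the SHA-256 setting and the claim rules easy to review afterwards. This is an added example, not a script supplied by Aerofiler; the trust name, file path, access control policy name and the attribute store name "Active Directory" are assumptions to replace with your own values.

```powershell
# Added example (not Aerofiler's own script). Run on the primary AD FS server.
$TrustName    = 'Aerofiler'                       # assumed display name
$MetadataFile = 'C:\Temp\aerofiler-metadata.xml'  # assumed path to the XML file from Aerofiler
$AccessPolicy = 'Permit everyone'                 # placeholder: use the policy your organisation requires
$UseEmailRule = $false                            # $true only for the appendix case (UPN differs from login email)
$Sha256       = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
$Ns           = 'http://schemas.xmlsoap.org/ws/2005/05/identity'

# "Transform an Incoming Claim": UPN -> Name ID, format Email, pass through all claim values.
$NameIdRule = @"
@RuleTemplate = "MapClaims"
@RuleName = "UPN to Name ID"
c:[Type == "$Ns/claims/upn"]
 => issue(Type = "$Ns/claims/nameidentifier", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer,
          Value = c.Value, ValueType = c.ValueType,
          Properties["$Ns/claimproperties/format"] = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");
"@

# "Send LDAP Attributes as Claims": E-Mail-Addresses (LDAP attribute 'mail') -> E-Mail Address.
$EmailRule = @"
@RuleTemplate = "LdapClaims"
@RuleName = "E-Mail-Addresses to E-Mail Address"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory", types = ("$Ns/claims/emailaddress"), query = ";mail;{0}", param = c.Value);
"@

$Rules = if ($UseEmailRule) { "$NameIdRule`n$EmailRule" } else { $NameIdRule }

# Create the claims-aware relying party trust from the supplied metadata file.
$TrustParams = @{
    Name                    = $TrustName
    MetadataFile            = $MetadataFile
    AccessControlPolicyName = $AccessPolicy
    SignatureAlgorithm      = $Sha256
    IssuanceTransformRules  = $Rules
}
Add-AdfsRelyingPartyTrust @TrustParams

# Read the trust back and confirm what was actually stored.
$Trust = Get-AdfsRelyingPartyTrust -Name $TrustName
$Trust | Format-List Name, Enabled, Identifier, SignatureAlgorithm, IssuanceTransformRules
if ($Trust.SignatureAlgorithm -ne $Sha256) {
    Write-Warning "Relying party trust '$TrustName' is not using SHA-256 for signatures."
}
```

The final `Get-AdfsRelyingPartyTrust` check is also useful on a trust created through the GUI, since it shows the stored hash algorithm and rules in one place.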


Last updated 2 years ago