
Instructions for connecting SAML SSO

Single sign-on (SSO) simplifies employee access to the right tools and services and allows administrators to use advanced identity-based security. You can set up SSO for your employees using Active Directory Federation Services (AD FS). To do this, go to the Team section and select Single-Sign On:

Next, go to https://[AD-HOST]/FederationMetadata/2007-06/FederationMetadata.xml (where [AD-HOST] is your Active Directory domain name) and download the metadata file.

Then add a new SAML server to authenticate the team to Getscreen. If the team has not been created yet, find out how to set up access for the staff team.

Open AD FS Management on your PC:

Then click Add Relying Party Trust:

Select Claims aware and press Start:

Select how the wizard will obtain the data: either specify the path to the metadata on the Getscreen server (it will appear in the settings), or download the metadata file and specify it:

Then specify the Display name:

and grant the permissions:

And complete the configuration process:

Then go to Relying Party Trusts, right-click the Display Name you specified and select Edit Claim Issuance Policy:

Add a rule to send the Email:

And a rule for the transformation:

If all desired rules have been added, press OK:

Users will now be able to log in with their AD credentials. To log in correctly, an AD user must have the Email field filled in with the email address they are registered with on the Getscreen server.
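The following is an added example, not part of the original instructions or of Getscreen's code: a Python check to run on the downloaded FederationMetadata.xml before using it to add the SAML server. It reads the entityID, the sign-on endpoints and the token-signing certificate thumbprint so they can be compared with what the AD FS server itself shows, and it flags endpoints that are not HTTPS on the expected host. The host `adfs.example.test`, the function name `inspect_metadata` and the sample metadata are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: made-up host, placeholder bytes instead of a real certificate.
SAMPLE_CERT_B64 = base64.b64encode(b"constructed-placeholder-certificate").decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="http://adfs.example.test/adfs/services/trust">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing">
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <X509Data><X509Certificate>{SAMPLE_CERT_B64}</X509Certificate></X509Data>
      </KeyInfo>
    </KeyDescriptor>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://adfs.example.test/adfs/ls/"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="http://adfs.example.test/adfs/ls/"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""


def inspect_metadata(xml_text, expected_host):
    """Summarise the IdP part of a federation metadata file and list problems."""
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor: this is not IdP metadata")
    certs = [base64.b64decode("".join((c.text or "").split())) for c in idp.findall(
        "md:KeyDescriptor[@use='signing']//ds:X509Certificate", NS)]
    endpoints = [s.get("Location", "") for s in idp.findall("md:SingleSignOnService", NS)]
    entity_id = root.get("entityID", "")
    problems = []
    if f"//{expected_host}/" not in entity_id:
        problems.append("entityID does not name the expected AD FS host")
    problems += [f"sign-on endpoint is not https://{expected_host}/...: {e}"
                 for e in endpoints if not e.startswith(f"https://{expected_host}/")]
    if not certs:
        problems.append("no signing certificate in metadata")
    # SHA-1 matches the "Thumbprint" field Windows shows for a certificate.
    return {"entity_id": entity_id, "endpoints": endpoints, "problems": problems,
            "thumbprints": [hashlib.sha1(c).hexdigest().upper() for c in certs],
            "sha256": [hashlib.sha256(c).hexdigest() for c in certs]}

if __name__ == "__main__":
    print(inspect_metadata(SAMPLE_METADATA, "adfs.example.test"))
```

For a real file, pass the contents of the downloaded FederationMetadata.xml and your AD FS host name, then compare the reported thumbprint with the token-signing certificate shown on the AD FS server.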
