Articles on: Single Sign-On (SSO)

How to set up SAML SSO settings using ADFS?

This guide is to provide a clear and concise step-by-step approach to facilitate effective user navigation within the ADFS (Active Directory Federation Services) platform.  


I) Create an enterprise application in ADFS 

  • Log in/Access to ADFS Management Window.
  • From the Side Menu bar, select Replying Party Tasks.
  • After opening the ADFS Management Window, select click on Add Relying Party Task Wizard.
  • Select Claims aware from the Reply Party Wizard, then Click on ‘Start’ button .


II) Select data source 

  • In the Select Data Source Window, choose Enter the data about the Replying Party Manually.
  • Click Next to continue.
  • In the Specify Display Name Window, select Display Name, and give the Application Name.
  • Click Next to continue 
  • Skip the Configure URL section / window.
  • Click Next to continue.


III) Configure URL 

  • In the Configure URL window, choose Enable Support for the SAML 2.0 Web SSO Protocol.
  • Paste the URL against Reply Party SAML 2.0 SSO Service URL for Server URL from Beagle by navigating back to Beagle SSO Settings page.
  • Navigate back to Beagle Security page.


IV) Beagle SSO settings 

  • From the Beagle SSO settings page, Choose ADFS, then Start Integration. 
  • Copy the Reply URL from here and paste against the Reply URL in ADFS.
  • Click Next to continue 


V) Configure identifier 

  • Copy SSO Service URL and paste it against SSO Service URL in ADFS .
  • Copy the Relying Party trust Identifier and paste it against Relying Party Trust Identifier.
  • Click Next to continue.


VI) Choose access control policy 

  • In Choose Issuance Authorization Rules, Click on Permit Everyone.
  • Click Next to continue 
  • Skip the Reply URL section.
  • Click Next to continue.
  • An application with the ‘given name’ is created.
  • Click the ‘application’ and edit the claim issuer.


VII) Edit SAML attribute claim rules for your ADFS App 

  • In the Edit Claim Rules for the given application name window, click on Add Rule under the Issuance Rules Tab.
  • The Add Transform claim Rule Wizard window opens. 
  • Select Send LDAP Attributes as Claims as the ‘Claim Rules’.
  • Click Next to continue.
  • Enter the Claim Rule name as ‘Email’. 
  • Set ‘Attribute Store’ to Active Directory.
  • Select LDAP Attribute as Email and Outgoing Claim Type as ‘Email’.
  • Click on Finish to finish the first claim.
  • Similarly, add the subsequent claims - (make sure you select the accurate options because the integrations may not work if the variants chosen does not match)
  • Select Pass through all claim values and click Finish


VIII) Federation meta URL 

  • Navigate back to Beagle Security SSO settings Page 
  • Click on Add Identity Provider.
  • Get the ADFS Federation Metadata by using this URL (https://< ADFS_Server_Name >/federationmetadata/2007-06/federationmetadata.xml.)


Note: Update your ADFS server name and pass the Federation Metadata URL from the Beagle Security page


  • Paste the created URL in Beagle Security.
  • Click on TURN ON to activate the integration.

Updated on: 03/07/2026

Was this article helpful?

Share your feedback

Cancel

Thank you!