How to set up SAML SSO settings using ADFS?
This guide is to provide a clear and concise step-by-step approach to facilitate effective user navigation within the ADFS (Active Directory Federation Services) platform.
I) Create an enterprise application in ADFS
- Log in/Access to ADFS Management Window.
- From the Side Menu bar, select Replying Party Tasks.
- After opening the ADFS Management Window, select click on Add Relying Party Task Wizard.
- Select Claims aware from the Reply Party Wizard, then Click on ‘Start’ button .
II) Select data source
- In the Select Data Source Window, choose Enter the data about the Replying Party Manually.
- Click Next to continue.
- In the Specify Display Name Window, select Display Name, and give the Application Name.
- Click Next to continue
- Skip the Configure URL section / window.
- Click Next to continue.
III) Configure URL
- In the Configure URL window, choose Enable Support for the SAML 2.0 Web SSO Protocol.
- Paste the URL against Reply Party SAML 2.0 SSO Service URL for Server URL from Beagle by navigating back to Beagle SSO Settings page.
- Navigate back to Beagle Security page.
IV) Beagle SSO settings
- From the Beagle SSO settings page, Choose ADFS, then Start Integration.
- Copy the Reply URL from here and paste against the Reply URL in ADFS.
- Click Next to continue
V) Configure identifier
- Copy SSO Service URL and paste it against SSO Service URL in ADFS .
- Copy the Relying Party trust Identifier and paste it against Relying Party Trust Identifier.
- Click Next to continue.
VI) Choose access control policy
- In Choose Issuance Authorization Rules, Click on Permit Everyone.
- Click Next to continue
- Skip the Reply URL section.
- Click Next to continue.
- An application with the ‘given name’ is created.
- Click the ‘application’ and edit the claim issuer.
VII) Edit SAML attribute claim rules for your ADFS App
- In the Edit Claim Rules for the given application name window, click on Add Rule under the Issuance Rules Tab.
- The Add Transform claim Rule Wizard window opens.
- Select Send LDAP Attributes as Claims as the ‘Claim Rules’.
- Click Next to continue.
- Enter the Claim Rule name as ‘Email’.
- Set ‘Attribute Store’ to Active Directory.
- Select LDAP Attribute as Email and Outgoing Claim Type as ‘Email’.
- Click on Finish to finish the first claim.
- Similarly, add the subsequent claims - (make sure you select the accurate options because the integrations may not work if the variants chosen does not match)
- Select Pass through all claim values and click Finish.
VIII) Federation meta URL
- Navigate back to Beagle Security SSO settings Page
- Click on Add Identity Provider.
- Get the ADFS Federation Metadata by using this URL (https://< ADFS_Server_Name >/federationmetadata/2007-06/federationmetadata.xml.)
- Paste the created URL in Beagle Security.
- Click on TURN ON to activate the integration.
Updated on: 03/07/2026
Thank you!