ADFS 4.0 SSO Setup

<< Click to Display Table of Contents >>

Navigation:  Technical specifications >

ADFS 4.0 SSO Setup

Important!

For Intellek to continue to support you and your LMS, we offer the ability for Users to login via a separate login page. External Contacts with prior access to the LMS will also need to use this separate login page.

Your LMS must have all user data imported prior to setting up ADFS AD SSO.

Intellek has already or will establish a test environment for testing your SSO connection prior to enabling SSO on your live LMS instance. Before proceeding with the following steps insure you have your test site and your live site URIs handy.

Users’ Login in the LMS (User_Identifier in the import) MUST match their ADFS Active Directory User name 

Please note the Intellek LMS uses OpenID Connect for Single sign on. SAML is not supported.

The LMS is configured with an SSO timeout of two hours. After two hours of inactivity, Users will be redirected to the LMS login page.

Need more guidance?  Contact support@Intellek.io or watch our how-to video on this topic:

expandedRegister your application with your ADFS

First, create an application group in ADFS. This will give you a “Client Identifier” for your application, as well as enable it to receive tokens. 

1.Open the ADFS Management tool. 

2.Right click on Application Groups and select Add Application Group

clip0082

3.In the Application Group Wizard enter the

Name you would like to use (example: Intellek LMS SSO)

In the section Client-Server applications select Web Browser accessing a web application template.

Click Next.

clip0083

4.On the Native application page:

Provide your test site for the Redirect URI in the following format: https://[Your_Test_Site_Intellek_LMS_URI]/authorization-code/callback.  Replace [Your_Test_Site_Intellek_LMS_URI] with your LMS TEST Site URI. 

Click Add

Now enter your LMS Live site URI in the following format: https://[Your_Live_Site_Intellek_LMS_URI]/authorization-code/callback. 

Click Add

Click Next 

callback5

5.On the Choose Access Control Policy page choose the policy, groups or users that you would like to be able to access the LMS using ADFS SSO, then click Next.

control policy

6.On the Summary page check that the details are correct. Copy/Paste the Web application Identifier to a safe location - you will need this later. Click Next.

web identifier

7.On the Complete page, click Close
expandedConfiguring the LMS to use ADFS 

1.Important! Your users’ Login in the LMS (User_Identifier in the import) MUST match their ADFS User name

2.Contact Intellek Support (support@Intellek.io) with the following information: 

Web Application Identifier ( noted down in step 6 ) 

Your ADFS URL, for example https://adfs.yourdomain.com/ 

3.Intellek will configure your LMS instance with the above settings.