You must be an Admin to access the SSO/SCIM page in Team Settings and to set up SSO for your team.
Setting up ADFS SSO
1. In the ADFS Management Console, create a new Relying Party Trust.
2. On the Identifiers tab, enter your Display Name and then add a Relying party identifier of
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx is your Team ID (which you can find on your SSO/SCIM page.)
3. On the Endpoints tab, click the Add SAML... button
4. On the following screen, choose the Endpoint type of
SAML Assertion Consumer, Binding of
POST and for Trusted URL enter
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx is your Team ID.
5. Then click OK on this dialog and OK again to save.
6. Click on Edit Claim Rules... and on the
Issuance Transform Rules tab, click
7. Choose the
Send LDAP Attributes.. claim rule template
8. Click Next. Enter a claim rule called
Guru Attributes, using
Active Directory as the attribute store.
9. Then, add mappings for LDAP Attributes as shown in the screen shot below:
10. Click OK to save and then add another rule.
11. This time, choose the
Transform an Incoming Claim rule template and click Next.
12. Enter a rule name of
Email to NameID and set the incoming claim type to
13. Set the outgoing claim type to
Name ID and the outgoing format to
14. Click OK to save.
At this point, your claim rules should look like the following screen shot:
15. Click OK to save.
16. Once completed go to your SSO/SCIM page and follow STEP 2 in these instructions, which detail how to fill in the fields for:
the Identity Provider Issuer URL (ie,
Identity Provider SAML Endpoint URL (ie,
📑 Related articles