Resolution

You will need to provide the Swarmica representative with following information

• The address of your ADFS server. Example adfs.example.com
• Client Identifier for the Swarmica application group. Example 51cf596b-ac85-4d45-988b-2689cc45281f
• Relying Party ID. Note that if you didn't change it manually it can be identical to client identifier. Example 51cf596b-ac85-4d45-988b-2689cc45281f
• Public certificate for your ADFS server. Here is the link of how to export one.

Client Identifier and Relying Party ID will be shown through the following process of configuring the oauth access.

Step 1

From the AD FS Management screen, go to AD FS > Application Groups and click Add Application Group….

Step 2

1. Fill in a name for the application group.
2. Select Web browser accessing a web application.
3. Click Next.

Step 3

1. Make note of the Client Identifier value.
2. Add Redirect URI value, which corresponds to location of your Swarmica instance.
3. Click Next.

Step 4

1. Select Permit everyone.
2. Click Next.

Step 5

1. Make note of the Relying Party ID value.
2. Click Next.

Step 6

Click Close. The application is now registered in the ADFS.

Step 7

Right click on the created application and choose the option Properties.

Step 8

1. Select the Web application entry.
2. Click Edit.

Step 9

1. Select Issuance Transform Rules tab.
2. Click the Add Rule button.

Step 10

1. Select Send LDAP Attributes as Claims.
2. Click Next.

Step 11

1. Give the rule a name.
2. Select Active Directory as the attribute store.
3. Configure the claims as shown below.
4. Click Finish.

Step 12

Click Apply.

Step 13

Restart the ADFS server. You can use console command Restart-Service adfssrv -Force for example.