Surpass SSO - Configuring Surpass v1.3.1

To configure your Identity Provider in Surpass you will need to complete the SSO fields available within the site settings section of Surpass. Once all of the relevant information has been added this will be saved within our database and your ADFS setup will be added as an Identity Provider to Surpass. Below we have highlighted all of the necessary changes that need to be made.

1. The Customer/Identity Provider must supply us with their Token-Signing certificate from their ADFS Management console in .cer format. This can then be uploaded in the Site Settings section of Surpass.



2. The next step to configure your Identity Provider in Surpass is to update the Site Settings section of Surpass. This can be found by logging into Surpass as a site administrator, selecting the drop down box next to the users name then selecting Site Settings.

3. Ensure that the "Single Sign On" tab is selected, this will provide you with a list of all the information we require from your setup. Firstly you will need to ensure that "Enable Single Sign On" is checked, other information we require from you has been described in detail below and can be found on your Idp's metadata page
  
(for example: https://[yourADFSserver]/FederationMetadata/2007-06/FederationMetadata.xml). The Site Settings interface has been provided below.

Upload Token Signing Certificate - The Token Signing certificate is the file referred to in step 1. This is required in .cer format.

Name/Entity ID - The Name/Entity ID of your Identity Provider, within the ADFS management console this can be found by selecting "Edit Federation Service Properties" when the service folder is highlighted. The Name/Entity ID will be under the title "Federation Service Identifier". This is case sensitive and will need to read exactly as it does in the ADFS management console. This can also be found on your Identity Providers metadata page.

Single Sign On Service Url - The Single Sign on Service Url, within the ADFS management console this can be found under the endpoints folder. A typical example of this is "http://[yourADFSserver]/adfs/ls". This is case sensitive and will need to read exactly as it does in the ADFS management console. This can also be found on your Identity Providers metadata page.

Single Logout Service Url - The Single Logout Service Url, within the ADFS management console this can be found under the endpoints folder. A typical example of this is "http://[yourADFSserver]/adfs/ls". This is case sensitive and will need to read exactly as it does in the ADFS management console. This can also be the same value as the Single Sign On Service Url. This can also be found on your Identity Providers metadata page.

   ["image_uploads"]

Feedback and Knowledge Base