With the Carerix Identity and Access Management platform, it is possible to create a Single Sign-On setup using ADFS / SAML 2.0 as an identity provider.

To do so, you need to add an ADFS/SAML identity provider to your Carerix. In this article we explain how it works.

Set up your ADFS/SAML Application

Before you start in Carerix, make sure you have an ADFS / SAML application configured and ready to be used.

Usernames in Carerix

To be able to successfully use an ADFS / SAML identity provider in Carerix it is necessary to make sure that all Carerix usernames are equal to the email addresses of those users registered in the ADFS / SAML application.

Set up ADFS / SAML in Carerix

🔹1. As a Carerix System Administrator, go to the Identity Access Menu, which can be found in the maintenance section of the left side menu.

🔹2. After opening the menu, choose the Identity Providers tab in the main screen

🔹3. Now on top of the main screen select the button 'Add Identity Provider'

🔹4. In the drop down select ADFS/SAML

🔹5. On the right side a modal window slides in where your ADFS / SAML in Carerix can be configured.

🔹6. Import/upload the metadata obtained from your ADFS / SAML application to Carerix by clicking on the 'Choose file' button.

🔹7. Fill out an 'Alias' - Note: this cannot be changed afterwards

🔹8. Indicate if you want this option ACTIVE or not on the Carerix login screen

🔹9. Select a 'Display name' - this value will be used on the button on the login screen. You can change it at any time coming back to the Identity Providers menu.

🔹10. Leave 'Automatically redirect' on NO for the first setup. Once you have successfully tested your ADFS / SAML setup, this setting can be set to YES. If YES is selected, users will automatically be redirected to the login page of your ADFS / SAML application and the login screen of Carerix will be skipped.

🔹11. Authn request should be signed - this setting depends on your ADFS/SAML application setup.

🔹12. Assertion should be signed - this setting depends on your ADFS/SAML application setup.

🔹13. Assertion should be encrypted - this setting depends on your ADFS/SAML application setup.

🔹14. Click the save button at the bottom of the modal window to finish the setup

🔹15. Now open your newly created IDP again from the grid. The right side modal will open again, but it looks slightly different. Notice that the Metadata URL is now displayed.

🔹16. Copy the metadata URL and register it in your ADFS setup.

🔹17. Log off from Carerix and try to log in using the new button available in the login dialogue box.
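
Steps 11 and 12 depend on how your ADFS / SAML application is set up, and the metadata file uploaded in step 6 already states part of that. The Python below is an added example, not part of Carerix or its documentation: it reads an IdP metadata file and reports whether the IdP expects signed Authn requests, whether it publishes a signing certificate, and whether any sign-on endpoint is not HTTPS. The sample metadata, the host `adfs.example.test` and the function name `inspect_idp_metadata` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample metadata (placeholder host and certificate, not a real IdP).
SAMPLE_METADATA = """<?xml version="1.0"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
                  entityID="http://adfs.example.test/adfs/services/trust">
  <IDPSSODescriptor WantAuthnRequestsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing">
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <X509Data><X509Certificate>PLACEHOLDER</X509Certificate></X509Data>
      </KeyInfo>
    </KeyDescriptor>
    <SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://adfs.example.test/adfs/ls/"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""


def inspect_idp_metadata(xml_text):
    """Summarise what the IdP metadata says about signing before import."""
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor: this is not IdP metadata")
    # A KeyDescriptor without a 'use' attribute serves signing and encryption.
    signing = [k for k in idp.findall("md:KeyDescriptor", NS)
               if k.get("use", "signing") == "signing"
               and k.find(".//ds:X509Certificate", NS) is not None]
    endpoints = [s.get("Location", "") for s in idp.findall("md:SingleSignOnService", NS)]
    return {
        "entity_id": root.get("entityID"),
        # Step 11: the IdP states here whether it expects signed Authn requests.
        "wants_signed_authn_requests": idp.get("WantAuthnRequestsSigned", "false").lower() in ("true", "1"),
        # Step 12: the IdP can only sign assertions if it publishes a signing key.
        "signing_certificates": len(signing),
        "sso_endpoints": endpoints,
        "non_https_endpoints": [e for e in endpoints if not e.startswith("https://")],
    }


if __name__ == "__main__":
    for key, value in inspect_idp_metadata(SAMPLE_METADATA).items():
        print(f"{key}: {value}")
```

Whether assertions are encrypted (step 13) is decided in the configuration of the ADFS / SAML application itself and cannot be read from the IdP metadata file.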


