• AD/ADFS Integration Guide for PTT Pro and Profile Manager
Configuration Process Overview
Configuration Process Overview

Configuration Process Overview

This outline describes the process to properly establish an ADFS configuration to support PTT Pro and Profile Manager OAuth2 authentication. This outline may be helpful for advanced users familiar with ADFS configurations.
  • Add a Relying Party Trust
    • Name the Trust
    • Skip the Cert – not required
    • Skip the URL – not required
    • Configure the Trust Identifier
    • Choose the Access Control Policy
  • Configure Claims Issuance Transform Rules
    • Add Rule
    • Select Passthrough Claim Rule Template
    • Create Pass Though for Name
    • Create Pass Through for UPN
  • Bind the Token Decrypting Cert to Relying Trust
    • Select the Token Decrypting cert
    • Copy Cert to File -- Name and Save base64 cert file type
    • Bind the cert to the Relying Party Trust in Signature
    • Export the Token Signing Cert to be used in the PTT Pro OAuth configuration
  • Create Application Groups
    • Add an Application Group
      • Select Standalone / Native application
    • Capture Client ID
    • Select Standalone Web API
    • Add identifier
    • Select Access Control Policy
    • Add Application Permissions
    • Add Issuance Transform Rules
    • Add Rules
      • Select passthrough Claim Rule Template
      • Create Pass Through for Name
      • Create Pass Through for UPN
    • Apply Access Control policy
    • Config Application Permissions to include Openid and Profile