

Support for the shared device model in Workforce Connect (WFC) products focuses on AD/ADFS (Active Directory / Active Directory Federation Services) using the OAuth2 protocol. The widespread adoption of PTT Pro and Profile Manager has created the need to support SAML 2.0 (SAML2) as an authorization protocol.
Keycloak adds SAML2 support without changing the product's existing OAuth2 support. The SAML2 capability is provided by the WFC Authentication Connection Service (WFC-ACS), which brokers access authorization between the SAML Identity Management infrastructure and the OAuth2 authorization capabilities of Workforce Connect.
This guide describes where the WFC-ACS architecture sits in the WFC environment and how to configure the connection from the PTT Pro and Profile Manager OAuth authorization services to the SAML2 Identity Management (IdP) infrastructure.