Solutions
Hardware
Software
Services
Support and Downloads
About Zebra
AD/ADFS Integration Guide for PTT Pro and Profile Manager
ADFS Setup Flows
Create the Application Group
Create Standalone Web API Application Group
AD/ADFS Integration Guide for PTT Pro and Profile Manager
AD/ADFS Integration Guide for PTT Pro and Profile Manager
Objectives
Environment Description
PTT Pro Setup
Profile Manager Setup
ADFS Configuration
ADFS Server Versions
Prerequisite Information
About the Well-Known URL for ADFS
How to Find the Well-Known URL
How to Use the Well-Known URL
ADFS Setup Flows
Configuration Process Overview
Create a Relying Party Trust
Configure Relying Trust for Claim Issuance Policy
Export the Token Decrypting Certificate
Bind the Token Decrypting Certificate to the Relying Party Trust
Export Token Signing Certificate
Create the Application Group
Create a Standalone Application Group
Create Standalone Web API Application Group
Create a Web API Application Group with a Client Secret
Add Claims to the Application Group
Updating the Access and Refresh Token Lifespans
Validating the Configuration
The Well-Known URL
Using Postman
Examine the Returned Access Token
Validate the Signing Certificate
Configuring PTT-Pro to Support OAuth2
Configuring Profile Manager to Support OAuth2
External References
Revision History
Create Standalone Web API Application Group
Create Standalone Web API Application Group
Use this task to create an application group that does not use a shared secret.
Open the ADFS Management Console
Right-click the
Application Group
and select
Add Application Group
.
In the
Templates
list, select
Web API
from the
Stand Alone Application
list.
Configure the Web API.
Enter a name in the
Name
field.
The name is appended to the Access URL to access the ADFS Application Group, as in
https://<server_name>/adfs/oauth2/authorize?resource=pttpro-id
in this example.
Click
Add
.
Click
Next
to advance.
The Access Control Policy defaults to Permit Everyone.
Click
Next
to advance.
Under
Permitted Scopes
, the application permissions default is
openid
. Also ensure
profile
is checked.
Click
Next
to advance.
A summary is shown.
Click
Next
to close and finish.
Create the Application Group
