You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/saas-apps/adpfederatedsso-tutorial.md
+30-2Lines changed: 30 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -9,7 +9,7 @@ ms.service: active-directory
9
9
ms.subservice: saas-app-tutorial
10
10
ms.workload: identity
11
11
ms.topic: tutorial
12
-
ms.date: 11/21/2022
12
+
ms.date: 03/07/2023
13
13
ms.author: jeedes
14
14
---
15
15
@@ -153,7 +153,7 @@ In this section, you'll enable B.Simon to use Azure single sign-on by granting a
153
153
154
154
### Configure your ADP service(s) for federated access
155
155
156
-
>[!Important]
156
+
>[!Important]
157
157
> Your employees who require federated access to your ADP services must be assigned to the ADP service app and subsequently, users must be reassigned to the specific ADP service.
158
158
Upon receipt of confirmation from your ADP representative, configure your ADP service(s) and assign/manage users to control user access to the specific ADP service.
159
159
@@ -219,6 +219,34 @@ Upon receipt of confirmation from your ADP representative, configure your ADP se
219
219
220
220
1. On confirmation of a successful test, assign the federated ADP service to individual users or user groups, which is explained later in the tutorial and roll it out to your employees.
221
221
222
+
### Configure ADP to support multiple instances in the same tenant
223
+
224
+
1. Go to **Basic SAML Configuration** section and configure another test value in **Identifier (Entity ID)** textbox.
225
+
226
+
![Screenshot shows how to configure another test instance value.](./media/adpfederatedsso-tutorial/append.png"Test")
227
+
228
+
1. To support multiple instances in the same tenant, please follow the below steps:
229
+
230
+
![Screenshot shows how to configure audience claim value.](./media/adpfederatedsso-tutorial/audience.png"Claim")
231
+
232
+
1. Navigate to **Attributes & Claims** section > **Advanced settings** > **Advanced SAML claims options** and click **Edit**.
233
+
234
+
1. Enable **Append application ID to issuer** checkbox.
235
+
236
+
1. Enable **Override audience claim** checkbox.
237
+
238
+
1. In the **Audience claim value** textbox, enter **Identifier (Entity ID)** value, which you've copied from **Basic SAML Configuration** section and click **Save**.
239
+
240
+
1. Navigate to **Properties** tab under Manage section and copy **Application ID** from the Azure portal.
241
+
242
+
![Screenshot shows how to copy application value from properties tab.](./media/adpfederatedsso-tutorial/app.png"Tab")
243
+
244
+
1. Download and open the **Federation Metadata XML** file from the Azure portal and edit the **entityID** value by adding **Application ID** manually at the end.
245
+
246
+
![Screenshot shows how to add the application value in the federation file.](./media/adpfederatedsso-tutorial/federation.png"File")
247
+
248
+
1.**Save** the xml file and use in the ADP side.
249
+
222
250
### Create ADP test user
223
251
224
252
The objective of this section is to create a user called B.Simon in ADP. Work with [ADP support team](https://www.adp.com/contact-us/overview.aspx) to add the users in the ADP account.
0 commit comments