For more information, and an overview of the benefits and limitations of using Security Assertion Markup Language (SAML), please check this article
Setting up SAML requires some configuration:
- login at myNomadesk.com with the Group Manager' account
- go to Manage -> Group Settings
- go to Security Settings -> select SAML
Once you enable the checkbox for 'Enable single sign-on', you will be able to enter the metadata XML of your Identity Provider (IdP), which you need to retrieve from your IdP.
FYI : Using Active Directory Federation Services (ADFS) the metadata XML can be retrieved from URL: https://YOUR_ADFS_URL/federationmetadata/2007-06/federationmetadata.xml
Once those settings have been saved, all of your managed users will need to authenticate using SAML.
They will receive an email about this, which will contain some basic information, and a custom login url, which will lead your users straight to the correct login page.
IdP setup guidelines:
The Nomadesk service requires a few 'claims' (linked attributes) from the IdP:
- Name ID (unique identifier for the user, eg: SID)
- E-Mail Address
- Given Name
- Surname
A detailed howto for setting up an IdP using Active Directory Federation Services (ADFS) is attached.