Configuring InsideView Sales SSO and SAML Settings for Dynamics CRM On-Premises Edition

Follow

This article guides you in configuring Single Sign-On (SSO) for InsideView Sales on Microsoft Dynamics On-Premise edition. It also provides details on how existing customers who were using SSO with Active Directory Federation Services (ADFS) for Insideview, need to modify their corresponding settings in order to use SSO after the new framework.

Follow the instructions in these sections to complete your configuration: 

Note: All of these configurations are applicable only if Spring SAML integration is Enabled, which is controlled by an option in InsideView Sales identified as "crmElements.saml.isEnabled". InsideView Sales does not support SAML authentication if your company uses ADFS 3.0 version. 

Configuring a Relaying Party Trust in ADFS Server

Step Description Details
 1 Log in to ADFS Log in to the machine where the ADFS server installed and is integrated with your Microsoft Dynamics On-Premise CRM.
 2 Go to ADFS Admin tab Go to Administrative tools > ADFS Management.
 3  Go to Relying Party Trusts Under ADFS, Go to Trust Relationships > Relying Party Trusts.
 4 Start adding a Trust

Click Add Relying Party Trust under "Actions" and click Start.

5 Select the 3rd Option

Select the Enter data about the relying party manually option, then click Next.

6 Add a display name

Enter display name as Insideview, click Next.

7 Choose first option

Choose the ADFS profile option, then click Next.

8 Next Click Next.

9 Next Click Next.

10 Add an identifier

Enter https://login.insideview.com in the Relying party trust identifier field, then click Add.

11 Next Click Next.

12 Select an option Select the I do not want to configure multi-factor authentication settings for this relying party trust at this time option, then click Next.

13 Select the permission option Select the Permit all users to access this relying party option, then click Next.

14 Next Click Next.

15 Close Click Close.

16 Edit Claim Rules The Editing Claim Rules pop up opens. If it does not open you can manually click the link Edit Claim rules under Actions section for the Insideview identifier, then click Add Rule.

17 Select a claim rule Select the Claim rule template as Send LDAP Attributes as Claims, then click Next.

18 Enter claim rule details Enter claim rule name as NameID. Select Attribute store as Active Directory. Select User-Principal-Name as LDAP Attribute (first column) and Name ID as Outgoing Claim Type (second column), then click Finish.

19 Add a rule Click Add Rule.

20 Select a template Select Claim rule template as Send LDAP Attributes as Claims, then click Next.

21 Edit InsideView Claim Rules Enter claim rule name as Insideview Details. Select Attribute store as Active Directory. Select User-Principal-Name as LDAP Attribute (first column) and UPN as Outgoing Claim Type (second column). In the next row, select Given-Name as LDAP Attribute (first column) and Given Name as Outgoing Claim Type (second column). In the next row, select Surname as LDAP Attribute (first column) and Surname as Outgoing Claim Type (second column), then click Finish.

22 Apply Click Apply and click OK.
23 Select the InsideView identifier Select the relying party identifier "Insideview", which you just created, and then double click or select Properties under Actions menu. Click on the Endpoints tab, then click Add SAML.

 

24 Add endpoint details Select SAML Assertion Consumer as Endpoint type. Select Binding as POST. Select the  Set the trusted URL as default check box. Ensure the Index is 0. Enter https://login.insideview.com/Auth/saml/SSO as the Trusted URL, then click OK.

25 Refresh Now click on Refresh under Actions menu.

Configuring SSO Settings in Insideview 

Step Description Details
 1 Log in to InsideView Log into Insideview with a User who:
  • belongs to the Account, which is mapped to your Dynamics On-Premise edition. 
  • and is an Account Admin
Note: In case, this is the first time you are accessing Insideview and you do not have an Account created, you can click on "Need Password" button in the Mashup to register and create a user account.
 2 Go to the SSO tab Once you login, go to Admin. Click on "SingleSignOn Settings" tab.

 

 3  Add SAML details Click the Add SAML link and enter the following details:
  • CRM Organization: Choose the org from the drop down. Ensure the CRM Org ID matches your CRM.
  • STS Name: Will be pre-populated based on the selection made above.
  • SAMLp/WS-Fed Unsolicated Endpoint: As this  <ADFS Server>/adfs/ls/?wa=wsignin1.0&wtrealm=https%3a%2f%2flogin.insideview.com%2f, where <ADFS Server> is your AD FS server URL. 
  • STS Certificate: Enter a valid STS certificate code that you received from ADFS. This field will be obsolete in future. Currently, you can enter a STS Certificate value. 
  • CRM Email Mapping : Enter your "upn" field claim type. The supported claim types can be found if you go to ADFS Management > Service > Claim Descriptions.                  Enter the UPN details. You can use this link: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn
  • CRM Org ID Mapping: Leave it as blank
  • CRM First Name Mapping:  Enter your "Given Name" claim type. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
  • CRM Last Name Mapping: Enter your "Surname" claim type. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
4 Save Click Save.

Modifying SSO and ADFS Settings for Settings

Step Description Details
 1 Log in  Log in to your InsideView Sales and go to Admin page. 
 2 Go to the SSO tab Once you login, go to Admin. Click on "SingleSignOn Settings" tab. 
 3 Modify the SSO Settings Ensure the CRM Email Mapping, CRM First Name Mapping and CRM Last Name Mapping are modified to the new format as illustrated below: 

 4 Modify the ADFS Server settings
  •  Modify the Identifier of the RP Trust from "https://my.insideview.com" to "https://login.insideview.com".
  • Modify the Endpoint for the Relying Party to the following: 

  • Edit the Claim rules and ensure the following claim rules (NameID and Insideview Details) are added:                                    

 5 Complete the changes For further details on how you can modify the ADFS settings, refer to Steps 17 to 23 in the Configuring Relying Party Trust in ADFS Server section above.

Note: If come across any technical issues, submit a request to our technical support . InsideView’s support team will contact you to address your technical problem and help you make necessary changes.

Was this article helpful?
0 out of 0 found this helpful
Powered by Zendesk