Configuring InsideView Sales SSO and SAML Settings for SAP Cloud for Customer (C4C) with AD FS

Follow

This article guides you in configuring Single Sign-On (SSO) for InsideView Sales on SAP Cloud for Customer (C4C) CRM with Active Directory Federation Services (AD FS) as identity provider (IDP).

Follow the instructions in these sections to complete your configuration: 

Configuring a Relaying Party Trust in AD FS Server

Step Description Details
 1 Log in to AD FS Log in to the machine where the AD FS server installed and is integrated with your SAP Cloud for Customer (C4C) CRM.
 2 Go to AD FS Admin tab Go to Administrative tools > AD FS Management.
 3  Go to Relying Party Trusts Under AD FS, Go to Trust Relationships > Relying Party Trusts.
 4 Start adding a Trust Click Add Relying Party Trust under "Actions" and click Start.

5 Select the 3rd Option Select the Enter data about the relying party manually option, then click Next.

6 Add a display name Enter display name as Insideview, click Next.

7 Choose first option Choose the AD FS profile option, then click Next.

8 Next Click Next.

9 Next Click Next.

10 Add an identifier Enter https://login.insideview.com in the Relying party trust identifier field, then click Add.

login_insideview_small.png

11 Next Click Next.

login_insideview1_small.png

12 Select an option Select the I do not want to configure multi-factor authentication settings for this relying party trust at this time option, then click Next.

13 Select the permission option Select the Permit all users to access this relying party option, then click Next.

14 Next Click Next.

15 Close Click Close.

16 Edit Claim Rules The Editing Claim Rules pop up opens. If it does not open you can manually click the link Edit Claim rules under Actions section for the Insideview identifier, then click Add Rule.

17 Select a claim rule Select the Claim rule template as Send LDAP Attributes as Claims, then click Next.

18 Add Name ID Enter claim rule name as NameID and select Attribute store as Active Directory.

Select User-Principal-Name as LDAP Attribute (first column) and Name ID as Outgoing Claim Type (second column).

Click Finish.

19 Enter claim rule details Enter claim rule name as Insideview and select Attribute store as Active Directory.

Select the following attributes as illustrated below in the LDAP Attribute (first column) and Outgoing Claim Type (second column) fields:

  • User-Principal-Name and UPN
  • Given-Name and Given Name 
  • Surname for both field values

Note: The LDAP attribute that you can select can either be user-principal-name (UPN) or E-Mail addresses. The UPN or E-mail address attribute will be used as a username when you login via AD FS to InsideView.

step18_small.png

Click Finish.

20 Apply Click Apply and click OK.

edit_claim_rule_finish.png

21 Select the InsideView identifier Select the relying party identifier "Insideview", which you just created, and then double click or select Properties under Actions menu. Click on the Endpoints tab, then click Add SAML.

step20.png

22 Add endpoint details Enter the following details:
  • Select SAML Assertion Consumer as Endpoint type.
  • Select Binding as POST.
  • Select the Set the trusted URL as default check box.
  • Ensure the Index is 0.
  • Enter https://login.insideview.com/Auth/saml/SSO as the Trusted URL

add_saml.png

Click OK.

23 Refresh Now click on Refresh under Actions menu.

Configuring SSO Settings in Insideview 

Step Description Details
 1 Log in to InsideView Log into Insideview with a User who:
  • belongs to the Account, which is mapped to your SAP C4C CRM. 
  • and is an Account Admin
Note: In case, this is the first time you are accessing Insideview and you do not have an Account created, you can click on "Need Password" button in the CRM view to register and create a user account.
 2 Go to the SSO tab Once you login, go to Admin. Click on "SingleSignOn Settings" tab.
 3  Add SAML details Click the Add SAML link and enter the following details:
  • STS Name: Will be pre-populated based on the selection made above.
  • SAMLp/WS-Fed Unsolicated Endpoint: As this <ADFS Server>/FederationMetadata/2007-06/FederationMetadata.xml, where <ADFS Server> is your AD FS server URL. 
  • STS Certificate: For now you can put it as "-".
  • CRM Email Mapping : Enter your "upn" field claim type. The supported claim types can be found if you go to AD FS Management > Service > Claim Descriptions.  For UPN it is generally http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn
  • CRM Org ID Mapping: Leave it as blank
  • CRM First Name Mapping:  Enter your "Given Name" claim type. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname. 
  • CRM Last Name Mapping: Enter your "Surname" claim type. http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname. 

    edit_saml_sap.png

4 Save Click Save.

Note: If come across any technical issues, submit a request to our technical support . InsideView’s support team will contact you to address your technical problem and help you make necessary changes.

Was this article helpful?
0 out of 0 found this helpful
Powered by Zendesk