In this tutorial we will configure ADFS using the Metadata for Udemy for Business.
If you don't have the Metadata for Udemy for Business please refer to this article.
Configuring ADFS
1. Launch the ADFS 2.0 console.
2. Under Trust Relationships > Relying Party Trusts, add a new Relying Party Trust. This will launch the wizard shown below.
3. Next, you will be prompted to import the Udemy for Business Metadata file.
4. Enter a name for the connection, for example Udemy for Business.
5. On the Choose Issuance Authorization Rules step, select Permit all users to access this relying party.
6. Click Next to view the summary and complete the wizard.
7. Leave the “Open the Edit Claim Rules…” option checked and finish the wizard.
8. This will launch the Edit Claim Rules configuration utility.
9. This example will only gather claims from Active Directory to present to Udemy for Business.
10. Configure a basic claim set.
Udemy for Business supports the following SAML attributes (all attributes are case sensitive).
Required attributes
- SCIM.email
the unique email of the user
Optional attributes
- SCIM.name.givenName
the given name of the user - SCIM.name.middleName
the middle name (if any) of the user - SCIM.name.familyName
the family (or last) name of the user - SCIM.name.formatted
the fully formatted name of the user - Name ID
- groups
the list of groups to which the user belongs - externalID
A unique user ID specified by the customer
11. Once you’ve configured the claims, back on the ADFS 2.0 Relying Party Trusts window, right-click the newly created connection and view the properties for the connection. Navigate to the Encryption tab and Remove the encryption certificate.
12. That will complete the ADFS configuration. Next, you should download the metadata and send it to the Udemy for Business team so that they can complete your SSO integration.
You can find the Metadata file at:
https://<ADFS server name>/FederationMetadata/2007-06/FederationMetadata.xml