In this tutorial we will configure ADFS with Udemy for Business using the metadata from ADFS.
Udemy for Business SAML Metadata for ADFS is linked here.
Configuring ADFS
1. Launch the ADFS 2.0 console.
2. Under Trust Relationships > Relying Party Trusts, add a new Relying Party Trust. This will launch the wizard shown below.
3. Next, you will be prompted to import the Udemy for Business Metadata file.
4. Enter a name for the connection, for example Udemy for Business.
5. On the Choose Issuance Authorization Rules step, select Permit all users to access this relying party.
6. Click Next to view the summary and complete the wizard.
7. Leave the “Open the Edit Claim Rules…” option checked and finish the wizard.
8. This will launch the Edit Claim Rules configuration utility.
9. This example will only gather claims from Active Directory to present to Udemy for Business.
10. Configure a basic claim set.
Udemy for Business supports the following SAML attributes (all attributes are case sensitive).
Required attributes
- SCIM.email
the unique email of the user
Optional attributes
- SCIM.name.givenName
the given name of the user - SCIM.name.middleName
the middle name (if any) of the user - SCIM.name.familyName
the family (or last) name of the user - SCIM.name.formatted
the fully formatted name of the user - Name ID
- groups
the list of groups to which the user belongs - externalID
A unique user ID specified by the customer
11. Once you’ve configured the claims, back on the ADFS 2.0 Relying Party Trusts window, right-click the newly created connection and view the properties for the connection. Navigate to the Encryption tab and Remove the encryption certificate.
12. That will complete the ADFS configuration. Next, you should download the metadata and input it into your Udemy for Business account to create the SSO connection. You can find the Metadata file at:
https://<ADFS server name>/FederationMetadata/2007-06/FederationMetadata.xml
Access the Single Sign-On (SSO) tab of your Udemy for Business account. Click Start setup and choose your Identity Provider. On the configuration page, choose the appropriate metadata configuration method and follow the instructions to create the SSO connection with your Identity Provider and Udemy for Business.
