
ADFS

To connect your ADFS provider to Senseye, you will need to provide us with either your ADFS URL or a Federation Metadata File for your ADFS.

From your ADFS server, you will then need to do the following:

  • Open the Microsoft Management Console (mmc.exe).
  • Add the AD FS Management Snap-in (from the File > Add/Remove Snap-in menu).
  • In the navigation tree select Console Root > AD FS > Relying Party Trusts.
  • Select Add Relying Party Trust... from the Actions panel.
  • Select Claims Aware and click Start.
  • Select Enter data about the relying party manually and click Next.
  • Enter a suitable display name for the relying party such as Senseye and click Next.
  • Leave the encryption certificate details as default and click Next.
  • Tick the Enable support for the WS-Federation Passive protocol checkbox and enter https://senseye.eu.auth0.com/login/callback for the Relying party WS-Federation Passive protocol URL and click Next.
  • Add urn:auth0:senseye as an additional relying party trust identifier.
  • Specify an access control policy which applies to your organization. This will control which users from your directory are able to use this relying party trust to log in to Senseye.
  • Confirm the details and click Finish to add the relying party trust.
  • Highlight the newly created relying party trust and select Edit Claim Issuance Policy from the Actions panel.
  • Click Add Rule...
  • Select Send Claims Using a Custom Rule from the claim rule template dropdown and click Next.
  • Give the rule a suitable name such as Senseye Claims and add the following rule:

c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> issue(store = "Active Directory",
         types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
                  "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
                  "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
                  "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
                  "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"),
         query = ";mail,displayName,objectGUID,givenName,sn;{0}",
         param = c.Value);

Note: This maps the mail, displayName, objectGUID, givenName and sn attributes from Active Directory to the claims that Auth0 expects.

This rule can be altered according to your directory setup; however, as a bare minimum we require:

  • The http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier claim which should be a unique key for each user and should not contain sensitive information such as an email address.
  • The http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress claim in order for Senseye notifications to work for users.
  • The http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name claim.
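
If you do alter the rule, the following added example (not Senseye or Auth0 code) checks an edited rule against the minimum above before you paste it into ADFS. It pairs each entry in types with the attribute at the same position in the query, then reports missing required claims and a nameidentifier sourced from an email-like attribute. The names parse_rule, check_rule and ALTERED_RULE, and the EMAIL_LIKE attribute list, are assumptions made for this example.

```python
import re

NS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
REQUIRED = {NS + "nameidentifier", NS + "emailaddress", NS + "name"}
# Assumption: directory attributes treated as email-like for the nameidentifier check.
EMAIL_LIKE = {"mail", "userprincipalname"}

# The custom rule given on this page.
PAGE_RULE = '''c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> issue(store = "Active Directory", types =
("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"),
query = ";mail,displayName,objectGUID,givenName,sn;{0}", param = c.Value);'''

# Constructed sample of an altered rule: drops name, keys users on mail.
ALTERED_RULE = '''c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> issue(store = "Active Directory", types =
("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"),
query = ";mail,mail;{0}", param = c.Value);'''

def parse_rule(rule):
    """Return {claim type: directory attribute}, paired by position."""
    types = re.search(r"types\s*=\s*\((.*?)\)", rule, re.S)
    query = re.search(r'query\s*=\s*";([^;"]*);', rule)
    if not types or not query:
        raise ValueError("rule has no types = (...) list or no attribute query")
    claim_types = re.findall(r'"([^"]+)"', types.group(1))
    attributes = [a.strip() for a in query.group(1).split(",")]
    if len(claim_types) != len(attributes):
        raise ValueError("types and query list different numbers of entries")
    return dict(zip(claim_types, attributes))

def check_rule(rule):
    """Return a list of problems; an empty list means the minimum is met."""
    mapping = parse_rule(rule)
    missing = sorted(REQUIRED - set(mapping))
    problems = [f"missing required claim: {c}" for c in missing]
    name_id = mapping.get(NS + "nameidentifier", "")
    if name_id.lower() in EMAIL_LIKE:
        problems.append(f"nameidentifier is sourced from '{name_id}'")
    return problems

if __name__ == "__main__":
    for label, rule in (("page rule", PAGE_RULE), ("altered rule", ALTERED_RULE)):
        print(label, "->", check_rule(rule) or "OK")
```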