Applies to

Brandfolder
  • Brandfolder

For more information about plan types and included capabilities, see the Smartsheet Plans page.

Capabilities

Who can use this capability

Owners and Administrators can enable SAML & SSO on their account.

Find out if this capability is included in Smartsheet Regions or Smartsheet Gov.

ADFS

Configure ADFS for your user authentication into Brandfolder.

Who can use this?

Plans:

  • Brandfolder

Permissions:

Owners and Administrators can enable SAML & SSO on their account.

Find out if this capability is included in Smartsheet Regions or Smartsheet Gov.

Set up ADFS

To setup ADFS with Brandfolder, you will need the following:

  • An Active Directory instance where users have an email address attribute
  • A metadata file from Brandfolder Support used for the import
  • An SSL certificate to sign your ADFS login page and the fingerprint of that certificate

Add a relying trust party 

  1. Log in to the ADFS Server
  2. Right-click Relying Party Trust on the left side of the table.
  3. Select Add Relying Party Trust...

 Configure the relying party trust wizard

  1. Select Start
  2. On the Select Data Source Screen, select Import data about this relying party from a file
  3. Select Browse and choose the Brandfolder metadata file. 
  4. Importing this data will allow you to select Next to Configure Multi-factor Authentication Now - leave the defaults and choose Next
  5. On Choose Issuance Authorization Rules, select Permit all users
  6. The following screen will show an overview of your settings - select Next
  7. On the closing screen, select Close and open the Claim Rules Editor

Creating claim rules

  1. The Claims Rule editor will open automatically - to create a new Rule, select Add Rule
  2. Select Send LDAP Attributes as Claims and select Next
  3. On the following screen, set the LDAP Attribute to E-Mail-Addresses and set Outgoing Claim Type to E-Mail Address 
  4. Click OK to save the rule
  5. Create another new rule by selecting Add Rule - select Transform an Incoming Claim from the dropdown
  6. On the following screen, select the following:
  •  
    • E-mail Address as Incoming Claim Type
    • Outgoing Claim Type as Name ID
    • Outgoing Name ID Format as Email
    • Leave the default of Pass through all claim values

7. Select OK the create the claim rule

Set up a full-name claim

  1. Brandfolder recommends sending the first and last name along with the email address of the user
  2. Create another new rule by selecting Add Rule
  3. Set one LDAP Attribute to Surname and one to Given-Name
  4. Set the Outgoing Claim Type to Surname and one to Given-Name
  5. Select OK to create this rule, then OK again to complete the rules

Test the configuration

  1. At this point, the configuration can be tested
  2. Pease get in touch with support@brandfolder.com to complete the configuration

Related Content

Was this article helpful?
YesNo