Create Relying Party Trust in ADFS - Administrator Guide - 6.8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
6.8
Creation date
2022-09-28
Last date published
2024-03-21
End_of_Life
EoL
Category
Administrator Guide
Abstract

In Active Directory Federation Services (ADFS), you need to create a Relying Party Trust to use ADFS as the identity provider for Cortex XSOAR.

In ADFS you need to create a Relying Party Trust. The following procedure uses ADFS 3.0 on Windows Server 2016 and shows demistodev.local as the ADFS portal service which will allow a trust connection from the https://demo.demisto.com web server.

You must have a valid and trusted server certificate for ADFS to work, not the self-signed certificates that come with Cortex XSOAR. If you do not use a trusted server certificate for ADFS, you will experience TLS connection issues with ADFS and the integration will not work properly.

  1. Log in to the ADFS server management console.

  2. In the tree in the left panel, right-click Service and select Edit Federation Service Properties.

    adfs-edit-federation-option.png
  3. Click the General tab and confirm that the DNS entries and certificates names are correct.

    adfs-federation-props.png
  4. In the tree in the left panel, right-click Relying Party Trusts and select Add Relying Party Trusts.

    adfs-add-relying-party-trust.png
  5. The Add Relying Party Trust Wizard screen appears. Click Start.

    adfs-trust-wizard.png
  6. In the Select Data Source page, select Enter data about the relying party manually.

    adfs-wizard-enter-data.png
  7. Click Next.

  8. In the Specify Display Name page, type a display name for the trust in the Display name field. In this example, the name of the trust is Demisto.

    adfs-display-name.png
  9. Click Next.

  10. (Optional) In the Configure Certificate page, you can configure the claims encryption.

  11. Click Next.

  12. In the Configure URL page, select Enable support for the SAML 2.0 Web SSO protocol, and enter the Cortex XSOAR server URL followed by /SAML.

    adfs-configure-url.png
  13. Click Next.

  14. In the Configure Identifiers page, add the Relying party trust identifier. The identifier can be a friendly name, the same as the Display name, or the application URL. This identifier is used to redirect the user back to the Cortex XSOAR web server instead of asking the user to manually choose which service should log in to the ADFS IDP portal.

    adfs-configure-identifiers.png
  15. Click Next.

  16. In the Choose Access Control Policy page, select an access control policy for the authentication portal. In this example, we choose .

    adfs-access-control-policy.png
  17. Click Next.

  18. In the Ready to Add Trust page, verify that all the setting are correct.

    adfs-ready-to-add.png
  19. Click Next and then click Close.

    adfs-finish.png
  20. Define the Claim Issuance Policy.