Page History

In the DualShield Admin Console, navigate to "SSO | Service Providers"

Create Service Provider

On the toolbar, click the "Create" button

...

Fill in the form as below:

Add SAML Attributes

Now, click the "Attributes" tab

We are going to add 3 4 SAML attributes

The first attribute is "IDPEmailUPN"

Map  and map it to : userPrincipalName.userPrincipalName.

Set its Claim Type to http://schemas.xmlsoap.org/claims

Image AddedImage Removed

The second attribute is "ImmutableID",

use script to map it to: userID.decodeHex().encodeBase64().toString()

Set its claim type to http://schemas.microsoft.com/LiveID/Federation/2008/05

The third attribute is "username" and map

Map it to: loginName.

For this attribute, select "URL Path" as the location and enable the "Get Input" option

The last attribute to add is "authnmethodsreferences"

Claim Type: http://schemas.microsoft.com/claims

Fixed Value: http://schemas.microsoft.com/claims/multipleauthn

Image Added

Click Save

Image AddedImage Removed

Change NameIDFormat

Now, click the "General Settings" tab

change NameIDFormat to "Map to the following attribute", and Attribute to "ImmutableID".

Image RemovedImage Added

Finally, click "Save"

Related Articles

• Office 365 2FA