Question
WellCare
US
Last activity: 12 Jun 2017 9:59 EDT
Help setting up SSO; using ADFS with Pega as an SP.
Pegasystems Inc.
US
What version of PRPC are you using? I am not aware that we have a runbook for ADFS as IdP, but this one for CA SiteMinder should give you ideas of what to do in terms of SAML SSO configuration: https://docs-previous.pega.com/ca-single-sign-federation-runbook
WellCare
US
Hi Kevin,
I am using Pega 7.1.9. I followed those steps, but for some reason I am getting this issue:
PegaRULES:07.10] (nActivity.Code_Security.Action) ERROR aesmonitor-dev.wellcare.com| Proprietary information hidden - Error while executing the Authentication Service activity : Unable to process SAML2 Authentication response : No attribute statements found in the SAML Response,Unable to deduce an operator record for further processing
Accepted Solution
Pegasystems Inc.
US
Can you turn on the debug log for the com.pega.pegarules.integration.engine.internal.util.PRSAMLv2Utils class and send us the debug log? It looks like your IdP response attributemap is empty.
WellCare
US
Hi Kevin,
I did that. I have now asked the ADFS admin to add some parameters, and now I am getting this error:
Unable to process the SAML WebSSO request : Unable to open an instance using the given inputs: pxObjClass = %22Data-Admin-Operator-ID%22, pyUserIdentifier = %22%22
Pegasystems Inc.
US
Can you please attach the complete log?
WellCare
US
Hi Kevin,
I was able to work with the ADFS admin and got it all squared out. He had to make some modifications on the ADFS side so that he could pass the correct parameters for the activity to authenticate properly. Now the next step is to have a custom activity that will parse parameters from AD, like email, full name, etc., and based on those parameters auto-provision the account or not.
Thank you,
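
The two errors in this thread can be checked offline against a captured, base64-decoded SAML Response before going back to the IdP admin. The following is an added example, not code from the thread or from Pega: the function names and sample responses are constructed, and the UPN claim name is only an assumption about which attribute the SP maps to the operator ID.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Assumption: the SP maps this claim to the operator ID; use your own mapping.
OPERATOR_ATTR = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"

def attribute_map(response_xml):
    """Return {attribute name: [values]} across all AttributeStatements."""
    root = ET.fromstring(response_xml)
    attrs = {}
    path = ".//saml:Assertion/saml:AttributeStatement/saml:Attribute"
    for attr in root.findall(path, NS):
        values = [(v.text or "").strip()
                  for v in attr.findall("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs

def diagnose(response_xml, operator_attr=OPERATOR_ATTR):
    """Diagnostic only: no signature check, no EncryptedAssertion support."""
    root = ET.fromstring(response_xml)
    if not root.findall(".//saml:Assertion/saml:AttributeStatement", NS):
        return "no-attribute-statement"      # matches the first error
    values = attribute_map(response_xml).get(operator_attr)
    if values is None:
        return "operator-attribute-missing"
    if not any(values):
        return "operator-attribute-empty"    # would leave the user id blank
    return "ok"

def _sample(statement):
    # Constructed response skeleton, unsigned, for illustration only.
    return ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
            'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion>'
            '<saml:Subject><saml:NameID>jdoe</saml:NameID></saml:Subject>'
            + statement + '</saml:Assertion></samlp:Response>')

def _stmt(name, value):
    return ('<saml:AttributeStatement><saml:Attribute Name="%s">'
            '<saml:AttributeValue>%s</saml:AttributeValue>'
            '</saml:Attribute></saml:AttributeStatement>' % (name, value))

NO_STATEMENT = _sample("")
WRONG_CLAIM = _sample(_stmt("mail", "jdoe@example.com"))
EMPTY_VALUE = _sample(_stmt(OPERATOR_ATTR, ""))
GOOD = _sample(_stmt(OPERATOR_ATTR, "jdoe@example.com"))

if __name__ == "__main__":
    for label, xml in [("no statement", NO_STATEMENT), ("wrong claim", WRONG_CLAIM),
                       ("empty value", EMPTY_VALUE), ("good", GOOD)]:
        print(label, "->", diagnose(xml))
```

Run it only on responses captured from your own environment; it reads the XML for troubleshooting and must not be used to make an authentication decision.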
Accenture
US
Hi - We are seeing this error in our Prod environment. Can you provide some insight on what was changed on the ADFS to resolve the error?
Cheers,
Dom