Hi, there.

We are trying to implement SAML 2.0 authentication with ADFS as the IdP.

What we did is the following.

  • Chose SAML 2.0 from the Users application.
  • Imported the federation metadata which was exported by ADFS (IdP Server Settings).
  • Set the claims which OutSystems requires.
  • Imported the metadata OutSystems created into ADFS.
  • Set the endpoint to https://EnvironmentName/Users/SSO.aspx. Binding is POST.

After setting the claims, I downloaded the SP metadata XML and imported it into ADFS.

Accepted Claims was filled automatically.

But since ADFS didn't set values such as the endpoints or the claim issuance policy, I set those values myself, like below. (Sorry for the Japanese.)

The "Identifier" tab was filled automatically, starting with http://----.

But these settings didn't work well.

When I tried to access the application via SAML 2.0, the ADFS login screen appeared.

After I filled in the username and password, this screen came up.

And the ADFS event log is like below... (Sorry for the Japanese again.)

Has anybody already realized SAML 2.0 with ADFS?

Can anybody figure out what the cause is?

If anyone has any idea or advice, please help us out.

Thanks in advance.

I think it's an issue with the claim rule. Also, the error advises it's a NameID format issue.

Could you try updating the claim rule to set "Name ID" for "SAM Account Name", which will be your OutSystems user name, and see if that works? Also, your claim rule seems to have multiple mappings for SAM Account Name, which doesn't look right.
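
A diagnostic for the NameID problem discussed in this thread, added here as an example (not code from OutSystems, ADFS or either poster): it compares the Subject NameID in a captured assertion against the NameID formats declared in the SP metadata. The metadata, assertions, host names and user values are constructed, and the rule that the SP accepts only the formats it declares is an assumption. It inspects structure only and does not validate signatures.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# SAML core: a NameID with no Format attribute is treated as "unspecified".
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"

# Constructed SP metadata fragment (hypothetical host, not from the thread).
SP_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" entityID="http://sp.example/Users">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:NameIDFormat>{UNSPECIFIED}</md:NameIDFormat>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def make_assertion(subject_body):
    """Build a constructed, unsigned assertion around the given Subject content."""
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}" ID="_a1" Version="2.0" '
            f'IssueInstant="2024-01-01T00:00:00Z">'
            f"<saml:Issuer>http://adfs.example/adfs/services/trust</saml:Issuer>"
            f"<saml:Subject>{subject_body}</saml:Subject></saml:Assertion>")

def sp_nameid_formats(metadata_xml):
    """NameID formats the SP declares in its SPSSODescriptor."""
    root = ET.fromstring(metadata_xml)
    path = ".//md:SPSSODescriptor/md:NameIDFormat"
    return [e.text.strip() for e in root.iterfind(path, NS) if e.text]

def check_nameid(assertion_xml, accepted_formats):
    """Return (status, detail) describing the Subject NameID the IdP issued."""
    nameid = ET.fromstring(assertion_xml).find("./saml:Subject/saml:NameID", NS)
    if nameid is None:
        return ("missing", "no NameID issued; no claim rule emits a Name ID claim")
    value = (nameid.text or "").strip()
    if not value:
        return ("empty", "NameID element present but has no value")
    fmt = nameid.get("Format", UNSPECIFIED)
    # Assumption: the SP rejects any format it did not declare in its metadata.
    if accepted_formats and fmt not in accepted_formats:
        return ("format-mismatch", fmt)
    return ("ok", value)

if __name__ == "__main__":
    accepted = sp_nameid_formats(SP_METADATA)
    samples = {
        "no Name ID rule": make_assertion(""),
        "e-mail format": make_assertion(f'<saml:NameID Format="{EMAIL}">taro@example.com</saml:NameID>'),
        "sAMAccountName": make_assertion("<saml:NameID>taro</saml:NameID>"),
    }
    for label, xml in samples.items():
        print(label, "->", check_nameid(xml, accepted))
```
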