Analyzer ADFS/SSO Configuration


1. Install Analyzer 2021 SP1 or later.

2. Apply below patch.

3. Register Analyzer to ADFS using the AD FS Management. 

4. Go to System Administration Page > ADFS Authentication configuration.



  • ADFSMetadata server URL.
  • Wtrealm (relying party trust identifiers).
  • DefaultDomain (no longer needed after patch)
  • Account Name Claim
  • Enable the Effective User checkbox. 
  • Specify a Windows account as the impersonation account. 

Screenshot 2023-08-10 at 6.10.47 PM.png

After clicking the Enable button, you should see a list of steps to configure Analyzer authentication settings in the IIS.

Screenshot 2023-08-10 at 9.30.33 PM.png

5. Follow the steps to configure the Analyzer authentication method.

In the Analyzer's Web.config file. Change <allow users="*"/> to <deny users="?"/>
Screenshot 2023-08-10 at 9.31.36 PM.png
Change the Analyzer site's authentication method to use only Anonymous Authentication and ASP.NET Impersonation.
Screenshot 2023-08-10 at 9.32.02 PM.png
6. Add the AppSettings key to the Analyzer Web.config file to switch to ADFS mode.
<add key="ADFSAuth" value="true" />
Note: The "ADFSAuth.IgnoreCertCheck" key is for testing only to bypass SSL certificate validation. Please do not use it on a production server.
7. Login to Analyzer
Any login activity gets redirected to the ADFS login page.
Screenshot 2023-08-10 at 9.36.10 PM.png

Enter Windows account information accordingly. Using the example here, "cc@testdomain.idv," the "cc" is the user name, and the testdomain.idv is how the internet represents the local domain name.

Screenshot 2023-08-10 at 9.38.36 PM.png


Clicking the Logout link takes you back to the Login Page.

Screenshot 2023-08-10 at 9.40.16 PM.png


8. You can enable the Effective User Name option if your system can take advantage of the Effective User Name.

Screenshot 2023-08-10 at 9.52.41 PM.png







Have more questions? Submit a request


Article is closed for comments.