ADFS

To setup ADFS with Brandfolder, you will need the following:

An Active Directory instance where users have an email address attribute
A metadata file from Brandfolder Support used for the import
An SSL certificate to sign your ADFS login page and the fingerprint of that certificate

Setting up ADFS

Select Start
On the Select Data Source Screen, select Import data about this relying party from a file
Select Browse and choose the Brandfolder metadata file.
Importing this data will allow you to select Next to Configure Multi-factor Authentication Now - leave the defaults and choose Next
On Choose Issuance Authorization Rules, select Permit all users
The following screen will show an overview of your settings - select Next
On the closing screen, select Close and open the Claim Rules Editor

The Claims Rule editor will open automatically - to create a new Rule, select Add Rule
Select Send LDAP Attributes as Claims and select Next
On the following screen, set the LDAP Attribute to E-Mail-Addresses and set Outgoing Claim Type to E-Mail Address
Click OK to save the rule
Create another new rule by selecting Add Rule - select Transform an Incoming Claim from the dropdown
On the following screen, select the following:

- E-mail Address as Incoming Claim Type
- Outgoing Claim Type as Name ID
- Outgoing Name ID Format as Email
- Leave the default of Pass through all claim values

7. Select OK the create the claim rule

Brandfolder recommends sending the first and last name along with the email address of the user
Create another new rule by selecting Add Rule
Set one LDAP Attribute to Surname and one to Given-Name
Set the Outgoing Claim Type to Surname and one to Given-Name
Select OK to create this rule, then OK again to complete the rules

At this point, the configuration can be tested
Pease get in touch with support@brandfolder.com to complete the configuration or for any other related questions