SSO Using ADFS and SHA-256

Litmos integrates with all SAML 2.0 providers, including ADFS 2.0 and 3.0. Litmos is an IdP-initiated SSO service provider, which means that an Identity Provider login page is required to sign users into the Litmos application.

To configure ADFS with Litmos, please follow these steps: 

  1. Begin by adding Litmos as a relying party trust in ADFS: 
  2. Next, please add a NameID rule so that NameID is passed to Litmos as the user's Email Address from your Active Directory.
  3. Litmos requires that the user's FirstName, LastName and Email be mapped as well for the connection to authenticate successfully. Please ensure that the "Outgoing Claim Types" are typed exactly as they appear in the screenshot below: 

  4. Please add your Litmos ADFS endpoint:

This completes the configuration of Litmos in your ADFS server. Next, we will need to add a few items into your Litmos account's SAML settings to complete the integration. To proceed, please log in to your Litmos account as an Account Owner and follow these steps: 

  1. Once signed in as an Account Owner to your Litmos account, click the "Account" tab to access your account settings page. 
  2. From your account settings page, please click the "Integrations" tab.
  3. Scroll down the integrations list and click the "SAML 2.0 (Single Sign On)" setting. 
  4. Here you can enter the Federation Metadata file generated from your ADFS.


You can now test the integration by signing into Litmos from your IdP sign-in page. Please ensure that "Autogenerate Users" is checked if the user does not exist in Litmos. If the user does exist, please ensure that their FirstName, LastName, Email and UserName (this should also be their Email) match what is stored in your Active Directory.
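A check you can run on an assertion captured during your own test sign-in, added here as an example and not Litmos or ADFS code: it reports a missing or mis-cased FirstName, LastName or Email attribute, a NameID that differs from Email, and a signature method other than RSA-SHA256. Assumptions: the outgoing claim types are spelled like the field names above, "SHA-256" in the title refers to the rsa-sha256 signature method, and `check_assertion`, `sample` and all sample values are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
# Assumption: outgoing claim types are spelled exactly like the article's field names.
REQUIRED = ("FirstName", "LastName", "Email")

def check_assertion(xml_text):
    """List problems in an assertion captured from your own test login.
    Structural check only: the XML signature itself is NOT verified here."""
    root = ET.fromstring(xml_text)
    attrs = {a.get("Name"): (a.findtext("saml:AttributeValue", "", NS) or "").strip()
             for a in root.iterfind(".//saml:Attribute", NS)}
    problems = []
    for name in REQUIRED:
        if not attrs.get(name):
            # Point out a claim that exists but with different letter case.
            near = [k for k in attrs if k and k.lower() == name.lower()]
            problems.append(f"{name}: missing" + (f", found {near[0]!r}" if near else ""))
    name_id = (root.findtext(".//saml:Subject/saml:NameID", "", NS) or "").strip()
    if not name_id:
        problems.append("NameID: missing")
    elif attrs.get("Email") and name_id.lower() != attrs["Email"].lower():
        problems.append("NameID: differs from Email attribute")
    method = root.find(".//ds:SignedInfo/ds:SignatureMethod", NS)
    if method is None:
        problems.append("Signature: none present")
    elif method.get("Algorithm") != RSA_SHA256:
        problems.append(f"Signature: {method.get('Algorithm')} is not RSA-SHA256")
    return problems

def sample(first="FirstName", alg=RSA_SHA256, name_id="pat@example.com"):
    """Constructed assertion (signature value omitted), not real ADFS output."""
    attr = '<saml:Attribute Name="{}"><saml:AttributeValue>{}</saml:AttributeValue></saml:Attribute>'
    return (
        f'<saml:Assertion xmlns:saml="{NS["saml"]}" xmlns:ds="{NS["ds"]}">'
        f'<ds:Signature><ds:SignedInfo><ds:SignatureMethod Algorithm="{alg}"/>'
        f'</ds:SignedInfo></ds:Signature>'
        f'<saml:Subject><saml:NameID>{name_id}</saml:NameID></saml:Subject>'
        '<saml:AttributeStatement>'
        + attr.format(first, "Pat") + attr.format("LastName", "Lee")
        + attr.format("Email", "pat@example.com")
        + '</saml:AttributeStatement></saml:Assertion>'
    )

if __name__ == "__main__":
    print(check_assertion(sample()))                       # correctly configured case
    print(check_assertion(sample("firstname", RSA_SHA1)))  # two misconfigurations
```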

