Skip to main content
This is a custom warning

Does the component apply visual style — color, typography, icons, space, borders, and more — using appropriate variable tokens?

Tovuti Impacted

Our Technology team is aware of the current issue regarding connection & login issues with Tovuti, and is actively investigating the issue.

[12:52 PM MDT] Issue appears to originate from a network connectivity issue at Amazon Web Services (AWS).

[1:05 PM MDT] Amazon Web Services has identified a potential root cause of the errors and is attempting mitigations.

[1:48 PM MDT] Amazon Web Services is continuing to work on the issue and seeing improvements.

[2:43 PM MDT] Amazon Web Services is still working on the issue and seeing improvements.

[3:36 PM MDT] Amazon Web Services is still making progress on the issue and is continuing to see improvements.

[4:00 PM MDT] The issue appears to have subsided, however, no official resolution message from Amazon Web Services has been provided yet. Our team is continuing to monitor.

Please check back here for updates.

Email support@tovutiteam.com if you have any questions.

Unlock the power of AI-generated content creation with Dizi

Dizi is an AI-powered LMS content creation assistant that creates quizzes and lessons in seconds and entire professional-looking courses in just minutes. Turn weeks of research, planning, and lesson-building into a click of a button.
Reminder! Tovuti Weekly Maintenance Window!

Tovuti's scheduled weekly maintenance window is between 8 AM and 12 PM MT this Saturday.

No downtime is anticipated.

Configure ADFS as the Single Sign-On Provider

  • Updated

Set ADFS as SSO Provider in Tovuti

Go to Configuration > click Single Sign-On > click New

configuration_sso_adfs_01.png

 

In the Details tab, give this provider a Title. It is suggested that the title contains a reference to ADFS for easy selection in the future. Select ADFS in SAML Application.

configuration_sso_adfs_02.png

 

In the Service Provider Settings tab, a unique EntityID/Issuer is created for this domain.

configuration_sso_adfs_03.png

 

Configure ADFS as Identity Provider (IDP)

In ADFS, click on Add Relying Party Trust > cick Start

In Select Data Source, select Enter data about the relying party manually > click Next.

In Specify Display Name, select Enter Display Name > click Next.

In Choose Profile, select the option AD FS Profile > click Next.

In Configure URL, check Enable support for the SAML 2.0 WebSSO protocol. Enter the ACS URL from the plugin found in Relying Party 2.0 SSO Service URL field. Click Next.

In Configure Identifiers, enter the SP-Entity ID/Issuer URL from the plugin found in Relying Party Trust Identifier. Click Add > click Next.

In Configure Multi-factor Authentification, select "I do not want to configure multi-factor authentication settings for this relying party trust > click Next.

In Choose Issuance Authorization Rules, select permit all users to access this relying party > click Next.

In Ready to Add Trusts, click Next. 

Check Open the Edit Claim Rules dialog and click close. Click Add Rule and select "Send LDAP Attributes as Claims." Enter the following:

  • Claim rule name > Enter claim rule name (any). For example Attributes
  • Attribute Store > Active Directory
  • LDAP Attribute > Email-Addresses
  • Outgoing Claim Type > Name ID

Click the Finish button.

 

For more information directly from AD FS on this process, see the following documentation.

 

Finish Configuring Tovuti as Service Provider (SP)

In the ADFS Setup Instructions tab, the Identity Provider Issuer, Identity Provider Single Sign-on URL, and X.509 Certificate are shown.

Copy this information and paste it into the Identity Provider Settings Tab

Click Update > click Test Configuration. This shows what Attributes and Values are being sent in the Okta SAML Assertion. This ultimately helps with Fields and Groups.

configuration_sso_adfs_04.png

 

User Profile Field and Attribute Mapping

After configuring all the settings in ADFS > click the User Profile Field Mapping tab in Tovuti

Enable the desired settings and provide the attributes found in ADFS. Create profile fields by clicking the "+" icon.

Configuring the settings in this tab syncs the profile field and attribute information between Tovuti and ADFS. The details of the User Profile Field Mapping tab are covered in this Help Center article.

While auto-registering the users on the Tovuti site, these attributes automatically map to Tovuti user details.

configuration_sso_adfs_05.png

 

User Group Mapping

Click the User Group Mapping tab.

Enable the desired settings and provide the attributes found in ADFS. Create profile fields by clicking the "+" icon.

Configuring the settings in this tab syncs group information between Tovuti and ADFS. The details of the User Group Mapping tab are covered in this Help Center article.

While auto-registering, the users are assigned roles based on the group they are mapped to.

configuation_sso_adfs_06.png

 

At any time, the configuration can be tested in the Identity Provider Settings tab.

It is recommended to run multiple tests over time to ensure everything is working properly.

configuration_sso_adfs_07.png

 

Enable Login Link

Go to Details Tab > toggle Yes on Add Login Link to Navigation > Select the menu where this link appears and give the link a name.

configuration_sso_adfs_08.png

Click Save.

Related articles