9.1 Configuring SSO Integration with ADFS

The SSO integration between qTest and ADFS needs to be configured and it will work as described as in this instruction. However, there are some important notes below:

»Configuring the Integration with qTest on your ADFS

»Configuring SSO Integration on qTest

Configuring the Integration with qTest on your ADFS

1. Check Federation Service Properties

Web SSO lifetime should not be greater than 480 minutes


Federation Service Properties

2. Add a Relying Party Trust

Add a Relying Party Trust:

  1. On the left pane, click Add Relying Party Trust...
    Add Relying Party Trust
  2. On the Welcome page of Add Relying Party Trust Wizard, click Start button
  3. At Select Data Source step, select option Import data about the relying party published onliine or on a local network and enter this URL: https://[your qTest URL]/saml/metadata
  4. At Specify Display Name step, enter any name for the Relying Party, eg. qTest SSO
  5. Proceed to the last step to complete adding a Relying Party Trust

Edit the newly added Relying Party Trust:

  1. After it has been created successfully, right click and selec Properties to edit it
  2. In Identifiers tab of Properties dialog, view the identier URL (https://[qTest URL]/saml/metadata)
    qTest SSO Properties - Identifiers
  3. In Monitoring tab of Properties dialog, edit the federation metadata URL and ensure that it is the same as the identifier URL (https://[qTest URL]/saml/metadata)
    qTest SSO Properties
  4. In Advanced tab, select SHA-256 secure has algorithm
  5. Click Apply button and close the diaglog

Edit Claim Rules of the newly added Relying Party Trust:

  1. Right click and select Edit Claim Rules
  2. Add a claim rule and it is required to be exactly the same as described below:
    • Claim rule name: NameID
    • Attribute store: Active Directory
    • Map the LDAP attribute with qTest field as in the image below
    Edit Claim Rules - NameID
  3. Add another claim rule. This one is not required
    • Claim rule name: Attributes
    • Attribute store: Active Directory
    • Map these qTest fields user.firstname, user.lastname, and user.email with any suitable LDAP attributes
    Edit Claim Rules - Attributes

Configuring SSO Integration on qTest

Remember to enter IdP Metadata link as this format: https://[your ADFS URL]/FederationMetadata/2007-06/FederationMetadata.xml

qTest - Admin - Authentication Integration