---
title: "Integrating ADFS with SysAid"
slug: "adfs"
description: "The ADFS integration allows you to sync SysAid with your ADFS account.The ADFS server must be properly running on your system in addition to Windows Server 2012 R2 or above.Sys aid version 15.2."
updated: 2026-01-07T09:06:47Z
published: 2026-01-07T09:06:47Z
canonical: "documentation.sysaid.com/adfs"
---

> ## Documentation Index
> Fetch the complete documentation index at: https://documentation.sysaid.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Integrating ADFS with SysAid

The ADFS integration allows you to sync SysAid with your ADFS account so you can automatically log in to SysAid whenever you log in to ADFS.

## Requirements

For the integration to work properly:

- The ADFS server must be properly running on your system in addition to Windows Server 2012 R2 or above and SysAid version 15.2.01 or above.
- Both the ADFS server and SysAid server require valid SSL certificates
- You cannot activate this integration if another single-sign-on (SSO) integration has already been enabled for SysAid
- Only an admin with [SysAid Administrator permissions](/v1/docs/edit-administrator#SysAidAdmin) can set up this integration

## Set up ADFS integration in SysAid

The first step to enabling your ADFS integration is configuring certain parameters from SysAid's ADFS integration page. Speak to your account manager to ensure that ADFS is added to your available integrations.

> [!NOTE]
> Please note:
> 
> In case you decide to install the integration that we do not provide our support, you hereby acknowledge and agree that you install and maintain such integration on your sole responsibility and that SysAid will have no responsibility, nor liability, with this regard.

To configure ADFS parameters in SysAid

1. In SysAid, go to **Connect**>**My add-ons**.
2. Search for ADFS and click the **gear icon**.
3. In the ADFS Callback URL field, replace the text "MyAccount" with your SysAid account name.
4. In the ADFS IDP Login URL field, replace the text "MyAccount.MyADFS.com" with the host name of your ADFS server. ![IntegrationADFSfilesADFSIntegrationPage.jpg](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesADFSIntegrationPage.jpg)

## Configure your ADFS 2016 account for integration with SysAid

Once you have set up the configuration in SysAid, there are multiple processes you must perform to properly set up the SysAid integration.

If you are using ADFS 2012, see the configuration instructions [below](/docs/adfs#configure-your-adfs-2012-account-for-integration-with-sysaid).

### Add Relying Party Trust

The first process from within ADFS is adding a relying party trust to the ADFS configuration database.

To add a relying party trust

1. Open ADFS.
2. In the folder pane, navigate to**ADFS** and right-click the **Relying Party Trusts** folder.
3. From the Right-Click menu, select **Add Relying Party Trust**.
4. On the first page of the Add Relying Party Trust Wizard, select **Claims aware**.
5. Click **Start**. ![IntegrationADFSfiles20161.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfiles20161.png)
6. In the Select Data Source screen, select the **Enter data about the relying party manually** option.
7. Click **Next**. ![IntegrationADFSfiles20162.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfiles20162.png)
8. In the Specify Display Name screen, enter a display name.
9. Click **Next**. ![IntegrationADFSfiles20163.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfiles20163.png)
10. In the Configure Certificate screen, click **Next**.
11. In the Configure URL screen, select the **Enable support for the SAML 2.0 WebSSO protocol** check box.
12. Copy the callback URL that you set in the SysAid ADFS Configuration screen in step 3 of the section above and paste it into the **Relying Party SAML 2.0 SSO Service URL** field.
13. Click **Next**. ![IntegrationADFSfiles20165.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfiles20165.png)
14. In the Configure Identifiers screen, copy the ADFS Issuer Token from the SysAid ADFS configuration screen to the **Relying Party Trust Identifier** field.
15. Click **Add**.
16. Click **Next**. ![IntegrationADFSfiles20166.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfiles20166.png)
17. In the Choose Access Control Policy screen, select **Permit Everyone**.
18. Click **Next**. ![IntegrationADFSfiles20167.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfiles20167.png)
19. In the Ready to Add Trust screen, click **Next**.
20. In the Finish screen, click **Close**.
21. In the Edit Claim Rules for SysAid Login dialog that opens on your screen, click **Add Rule**. ![IntegrationADFSfiles201610.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfiles201610.png)
22. In the Choose Rule Type screen, from the Claim Rule Template drop-down, select **Send LDAP Attributes as Claims**.
23. Click **Next**. ![IntegrationADFSfiles201611.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfiles201611.png)
24. In the Configure Claim Rule screen, enter a claim rule name in the **Claim Rule Name** field.
25. From the Attribute Store drop-down, select **Active Directory**.
26. Build map of LDAP attributes (see screenshot below).
27. Click **Finish**. ![IntegrationADFSfiles201612.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfiles201612.png)

### Create a new claim rule

1. Back in the Edit Claim Rules for SysAid Login dialog, click **Add Rule**. ![IntegrationADFSfiles201613.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfiles201613.png)
2. In the Choose Rule Type screen, from the Claim Rule Template drop-down, select **Transform an Incoming Claim**.
3. Click **Next**. ![IntegrationADFSfiles201614.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfiles201614.png)
4. In the Edit Rule - NameID window, enter a rule name in the **Claim Rule Name** field.
5. From the Incoming Claim Type drop-down, select **UPN**.
6. From the Outgoing Claim Type drop-down, select **Name ID**.
7. From the Outgoing Name ID Format drop-down, select **UPN**.
8. Ensure that the **Pass through all claim values** option is selected.
9. Click **OK**. ![IntegrationADFSfilesEditRule.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesEditRule.png)

### Add ADFS thumbprint to the SysAid ADFS Configuration screen

Now that you have set up the configuration on the ADFS side, you need to retrieve the ADFS thumbprint parameter and add it to the SysAid ADFS Configuration screen.

1. On the Main ADFS screen, select the **Service > Certificates** folder.
2. Click the Token-signing file.
3. In the Certificate dialog, select the Details tab.
4. In the field column, click **Thumbprint**.
5. Copy the Thumbprint text.
6. Click **OK**. ![IntegrationADFSfiles201616.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfiles201616.png)
7. In SysAid, in the ADFS Configuration screen, paste the copied text into the ADFS Certificate Thumbprint field.
8. Click the Activate Integration slider.
9. (Optional) If you want SysAid to create new users with their ADFS IDs, Enter "Y" in the Create New Users field.
10. (Optional) If you selected to allow SysAid to create new users with their ADFS IDs, you can replace the ADFS domain with any name you want in the Domain Mapping field. For example, "MyDomain= MyCompany.com, MyDomain2= MyCompany.com". If you want user names to contain the ADFS domain, leave this field blank.
11. Click **Save Changes**. ![IntegrationADFSfilesADFSIntegrationPageThumb.jpg](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesADFSIntegrationPageThumb.jpg)

### Configure your browser

Once SysAid is integrated with ADFS, you need to configure your browser to allow for SSO (Single Sign On). This requires one procedure if you are running a SysAid in Internet Explorer and a separate procedure if you are running SysAid in Chrome or FireFox. You can perform one or both procedures depending on your company's requirements.

To configure ADFS SSO for Internet Explorer or Microsoft Edge

1. From your Windows Control Panel, select **Internet Options**.
2. In the Security tab, click **Local intranet**.
3. Click **Sites**. ![IntegrationADFSfilesInternetOptions.jpg](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesInternetOptions.jpg)
4. In the Local intranet, click **Advanced**.
5. Add the first part of the URL you entered in the ADFS IDP Login URL field in SysAid's ADFS Configuration screen that ends in ".com".
6. Click **Add**. ![IntegrationADFSfilesLocalIntranet2.jpg](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesLocalIntranet2.jpg)
7. Click **Close**.
8. In the Local intranet window, click **OK**.
9. In the Internet Options window, click **OK**.

To configure ADFS SSO for Chrome and FireFox

If the ADFS integration is not working in Chrome or FireFox, open the Powershell command prompt on the ADFS server as an administrator and run the following commands:

# Add Chrome as a valid User Agent for NTLM authentication Set-ADFSProperties -WIASupportedUserAgents ((Get-ADFSProperties | Select-Object -ExpandProperty WIASupportedUserAgents) + "Mozilla/5.0")

# Disable Extended Protection in ADFS 3.0 Set-ADFSProperties –ExtendedProtectionTokenCheck None

**This completes the SysAid ADFS integration !** When you access your SysAid login screen, you are routed to the ADFS login screen. If you are logged into ADFS, you are automatically logged in to SysAid.

If you need to manually log in to SysAid to fix your ADFS configuration, use the following URL: "<SYSAID URL>/Login.jsp?manual=true".

For further assistance, please contact [SysAid Support](https://www.sysaid.com/company/contact-us).

## Configure your ADFS 2012 account for integration with SysAid

Once you have set up the configuration in SysAid, there are multiple processes you must perform to properly set up the SysAid integration.

### Add Relying Party Trust

The first process from within ADFS is adding a relying party trust to the ADFS configuration database.

To add a relying party trust

1. Open ADFS.
2. In the folder pane, navigate to**ADFS > Trust Relationships** and right-click the **Relying Party Trusts** folder.
3. From the Right-Click menu, select **Add Relying Party Trust**.
4. On the first page of the Add Relying Party Trust Wizard, click **Start**. ![IntegrationADFSfilesConfig1.jpg](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig1.jpg)
5. In the Select Data Source screen, select the **Enter data about the relying party manually** option.
6. Click **Next**. ![IntegrationADFSfilesConfig2.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig2.png)
7. In the Specify Display Name screen, enter a display name.
8. Click **Next**. ![IntegrationADFSfilesConfig3.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig3.png)
9. In the Choose Profile screen, select **AD FS profile**.
10. Click **Next**. ![IntegrationADFSfilesConfig4.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig4.png)
11. In the Configure Certificate screen, click **Next**.
12. In the Configure URL screen, select the **Enable support for the SAML 2.0 WebSSO protocol** check box.
13. Copy the callback URL that you set in the SysAid ADFS Configuration screen in step 3 of the section above and paste it into the **Relying Party SAML 2.0 SSO Service URL** field.
14. Click **Next**. ![IntegrationADFSfilesConfig6.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig6.png)
15. In the Configure Identifiers screen, copy the ADFS Issuer Token from the SysAid ADFS configuration screen to the **Relying Party Trust Identifier** field.
16. Click **Add**.
17. Click **Next**. ![IntegrationADFSfilesConfig7.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig7.png)
18. In the Configure Multi-factor Authentication Now? screen, ensure that the **I do not want to configure...** option is selected.
19. Click **Next**. ![IntegrationADFSfilesConfig8.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig8.png)
20. In the Choose Issuance Authorization Rules screen, ensure that the **Permit All Users to Access This Relying Party** option is selected.
21. Click **Next**. ![IntegrationADFSfilesConfig9.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig9.png)
22. In the Ready to Add Trust screen, click **Next**.
23. In the Finish screen, click **Close**.
24. In the Edit Claim Rules for SysAid Login dialog that opens on your screen, click **Add Rule**. ![IntegrationADFSfilesConfig12.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig12.png)
25. In the Choose Rule Type screen, from the Claim Rule Template drop-down, select **Send LDAP Attributes as Claims**.
26. Click **Next**. ![IntegrationADFSfilesConfig13.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig13.png)
27. In the Configure Claim Rule screen, enter a claim rule name in the **Claim Rule Name** field.
28. From the Attribute Store drop-down, select **Active Directory**.
29. Build map of LDAP attributes (see screenshot below).
30. Click **Finish**. ![IntegrationADFSfilesConfig14.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig14.png)

### Create a new claim rule

1. Back in the Edit Claim Rules for SysAid Login dialog, click **Add Rule**. ![IntegrationADFSfilesConfig15.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig15.png)
2. In the Choose Rule Type screen, from the Claim Rule Template drop-down, select **Transform an Incoming Claim**.
3. Click **Next**. ![IntegrationADFSfilesConfig16.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig16.png)
4. In the Edit Rule - NameID window, enter a rule name in the **Claim Rule Name** field.
5. From the Incoming Claim Type drop-down, select **UPN**.
6. From the Outgoing Claim Type drop-down, select **Name ID**.
7. From the Outgoing Name ID Format drop-down, select **UPN**.
8. Ensure that the **Pass through all claim values** option is selected.
9. Click **OK**. ![IntegrationADFSfilesConfig17.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesConfig17.png)

### Add ADFS thumbprint to the SysAid ADFS Configuration screen

Now that you have set up the configuration on the ADFS side, you need to retrieve the ADFS thumbprint parameter and add it to the SysAid ADFS Configuration screen.

1. On the Main Ad FS screen, select the **Service > Certificates** folder.
2. Click the Token-signing file.
3. In the Certificate dialog, select the Details tab.
4. In the field column, click **Thumbprint**.
5. Copy the Thumbprint text.
6. Click **OK**. ![IntegrationADFSfilesThumbprint.jpg](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesThumbprint.jpg)
7. In SysAid, in the ADFS Configuration screen, paste the copied text into the ADFS Certificate Thumbprint field.
8. Click the Activate Integration slider.
9. (Optional) If you want SysAid to create new users with their ADFS IDs, Enter "Y" in the Create New Users field.
10. (Optional) If you selected to allow SysAid to create new users with their ADFS IDs, you can replace the ADFS domain with any name you want in the Domain Mapping field. For example, "MyDomain= MyCompany.com, MyDomain2= MyCompany.com". If you want user names to contain the ADFS domain, leave this field blank.
11. Click **Save Changes**. ![IntegrationADFSfilesADFSIntegrationPageThumb1.jpg](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesADFSIntegrationPageThumb.jpg)

### Configure your browser

Once SysAid is integrated with ADFS, you need to configure your browser to allow for SSO (Single Sign On). This requires one procedure if you are running a SysAid in Internet Explorer and a separate procedure if you are running SysAid in Chrome or FireFox. You can perform one or both procedures depending on your company's requirements.

To configure ADFS SSO for Internet Explorer or Microsoft Edge

1. From your Windows Control Panel, select **Internet Options**.
2. In the Security tab, click **Local intranet**.
3. Click **Sites**. ![IntegrationADFSfilesInternetOptions1.jpg](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesInternetOptions.jpg)
4. In the Local intranet, click **Advanced**.
5. Add the first part of the URL you entered in the ADFS IDP Login URL field in SysAid's ADFS Configuration screen that ends in ".com".
6. Click **Add**. ![image.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/image%28126%29.png)
7. Click **Close**.
8. In the Local intranet window, click **OK**.
9. In the Internet Options window, click **OK**.

To configure ADFS SSO for Chrome and FireFox

1. In your ADFS server, open IIS Manager.
2. Navigate to Default Web Site > ADFS > IS. ![IntegrationADFSfilesPath.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesPath.png)
3. Double-Click ![IntegrationADFSfilesAuthentication.jpg](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesAuthentication.jpg).
4. Right-click **Windows Authentication** and select **Advanced Settings** from the Right-Click menu.
5. Set Extended Protection to **Off**.
6. Click **OK**. ![IntegrationADFSfilesAuthenticationOFF.png](https://cdn.document360.io/52d3cb6c-cc81-43c2-b6f7-cbabcb449271/Images/Documentation/IntegrationADFSfilesAuthenticationOFF.png)

#### This completes the SysAid ADFS integration !

When you access your SysAid login screen, you are routed to the ADFS login screen. If you are logged into ADFS, you are automatically logged in to SysAid.

If you need to manually log in to SysAid to fix your ADFS configuration, use the following URL: "<SYSAID URL>/Login.jsp?manual=true".

For further assistance, please contact [SysAid Support](https://www.sysaid.com/company/contact-us).