1. Choose Claims aware
2. [Start]

1. Select Enter data about the relying party manually
2. [Next]

1. Specify Display Name
2. [Next]

1. Click [Next]

NOTE: If you need to configure encryption, it must also be configured on the Metric Insights' side.

Access the Installation Page for simpleSAML in Metric Insights at https://<hostname>/simplesaml

1. From the Federation tab, click [Show metadata]
2. Copy the location URL of HTTP-POST
3. Select Enable support for the SAML 2.0 SSO Web SSO protocol
4. Input the URL you copied from metadata
5. Click [Next]

1. Select Enable support for the SAML 2.0 SSO Web SSO protocol
2. Input the URL you copied from metadata
3. Click [Next]

1. Copy the Relying party trust identifier from the SAML 2.0 SP Metadata page
2. Paste the identifier to Relying party trust identifier field and [Add]
3. Click [Next]

1. If not selected by default, choose Permit everyone
2. Click [Next]

1. Check Configure claims issuance policy for this application
2. [Close]

1. Choose Send LDAP Attributes as Claims
2. Click [Next]

1. Enter Claim rule name
2. Set Attribute store to "Active Directory"
3. Map LDAP Attributes
4. [Finish]

1. Get FederationMetadata.xml from ADFS by using:
   • wget https://dc1.metricinsights.com/FederationMetadata/2007-06/FederationMetadata.xml, where https://dc1.metricinsights.com is the address of the ADFS server
2. Parse the .xml file:
   1. In the web container, run the following command: /opt/mi/iv/data/bin/mi-saml-config.php --input-file <full path to FederationMetadata.xml> --saml-type adfsv3
   2. The metadata from the response representing the DEFINE section to be copied to the /opt/mi/external_config/saml.php and /opt/mi/external_config/saml20-idp-remote.local.php files
3. Access Admin > System > System Variables, set SAML_ENABLED to 'Y', and [Commit Changes]. See the screen below.