Enterprise Edition
Configuring SAML SSO with ADFS
-
Last updated: July 16, 2024
-
Read time: 2 Minutes
This section explains how to configure SAML SSO using Active Directory Federation Services (ADFS) as your identity provider. You may also need to refer to the ADFS documentation.
Before you start
Make sure your web server URL includes protocol and port information. For more information, see Configuring your web server.
Note
The relying party trust information is dependent on your web server URL.
Step 1: Add Burp Suite Enterprise Edition to your trusted applications
To add Burp Suite Enterprise Edition to your trusted applications:
- Log in to Burp Suite Enterprise Edition as an administrator.
- From the settings menu , select Integrations.
- On the SAML tile, click Configure. Notice that you can copy both the Relying party trust identifier and the Relying party service URL.
- In ADFS, run the Add Relying Party Trust wizard.
- Paste the Relying party service URL into the Relying party SAML 2.0 SSO Service URL field.
- Paste the Relying party trust identifier into the Relying party trust identifier field.
Step 2: Obtain key details from ADFS
To configure Burp Suite Enterprise Edition, you need to obtain the following key details from ADFS:
-
The Entity ID. This is the URL that is sent as the
Issuer
value in SAML responses. - The SSO URL. Burp Suite Enterprise Edition sends users to this URL when they choose to log in using SAML.
- The token-signing certificate. Burp Suite Enterprise Edition uses this to verify that the SAML response was genuinely issued by ADFS.
For more information on how to find these, see the ADFS documentation.
Step 3: Enter the key details in Burp Suite Enterprise Edition
To enter the key details in Burp Suite Enterprise Edition:
- In Burp Suite Enterprise Edition, make sure that you're still on the SAML page.
- In Company details, enter your company name.
- Enter the key details in the relevant fields.
- Click Save.
Step 4: Test your configuration
Once the connection is successfully established, we recommend that you test your configuration by logging in to Burp Suite Enterprise Edition. If the configuration was successful, you will see a message that you have logged in, but you don't yet have permission to do anything.
Managing groups
You can now configure how you manage your groups:
- You can push the groups from your identity provider using SCIM. For more information, see Configuring SCIM.
- Alternatively, you can duplicate your ADFS groups in Burp Suite Enterprise Edition, and manage them locally. For more information, see Enabling Burp Suite Enterprise Edition to access your ADFS groups