Configure Single Sign-On (SSO) with ADFS 4.0 (OpenID)

Configure federation using OpenID (ADFS 4.0) by following the steps below:

1. To initialize the configuration process, open a support ticket with the ValueBlue support team and provide the following details:
   • Client Identifier
   • Metadata URL
   • Your BlueDolphin site URL
   • Domain name used to log in to your Active Directory domain, for example: myowndomain.nl or myactivedirectorydomain.local.
   • Your logo in .png format (makes it easier to distinguish SSO from other types of authentication)
   • Specify the method (OpenID or SAML)
2. Open ADFS Settings.
3. Create a new application group by clicking Add Application Group...
   
4. In Name use "BlueDolphin".
5. In Template select Web Browser accessing a web application.
6.  Click Next.
7. A Client Identifier is generated. Temporarily store this value, because you will need it later on.
   
8. Add the following Redirect URI (these URLs are subject to change):
   • For EU tenants: https://bluedolphin03.b2clogin.com/bluedolphin03.onmicrosoft.com/oauth2/authresp
   • For US-located tenants: https://bluedolphinprdus.b2clogin.com/bluedolphinprdus.onmicrosoft.com/oauth2/authresp
9. Select Access Control Policy and configure as desired. 
10. Click Next, Next, Next and then Close.
11. Open the created Application Group.
12. Select the BlueDolphin Web Application and choose Edit.
    
13. Open the tab Issuance Transform Rules.
14. Add Rule.
15. In Claim Rule Template select Send LDAP attributes as claims and click Next.
16. In Claim Rule Name use "BlueDolphin Claims".
17. In Attribute store select Active Directory.
18. Configure the following claims:
19. Click Finish.
20. Open the tab Client Permissions.
21. Select the following scopes:
    
22. Click OK and OK again.
23. Determine your federation metadata URL. This should be something like:
    https://adfs.yourdomain.toplevel/adfs/.well-known/openid-configuration