Add Relying Party Trusts
1. Under the AD FS menu, click Relying Party Trusts.
2. Click Add Relying Party Trust in the Actions menu on the right.
3. In the Add Relying Party Trust Wizard window that opens, select Claims aware and click Start.
4. On the Select Data Source page, select Enter data about the relying party manually and click Next.
5. On the Specify Display Name page, enter a name for the relying party in the Display name field. Copy the display name to a text editor and save it for use later in the process. Then click Next.
6. On the Configure Certificate page, click Next.
7. On the Configure URL page, select the Enable support for the SAML 2.0 Web SSO protocol. Then enter Relying party SAML 2.0 SSO service URL using the following format and click Next.
https://<ThingWorx_FQDN>:<Port>/Thingworx/saml/SSO
8. On the Configure Identifiers page, add a Relying party trust identifier using the following format and click Add.
https://<ThingWorx_FQDN>:<Port>
9. Add a second Relying party trust identifier using the Display name that you previously copied to a text editor. Then click Next.
 | This Relying party trust identifier will be used in ThingWorx when you configure the metadataEntityId value in the BasicSettings component of the sso-settings.json file. |
10. On the Choose Access Control Policy page, select Permit everyone, and click Next.
11. On the Ready to Add Trust page, click Next
12. On the Finish page, click Close.