Set up AD FS to Encrypt the Complete Message and Assertion

AD FS as the CAS and IdP for ThingWorx > Example: AD FS as Central Auth Server and Identity Provider > Configuring Authentication with AD FS > Set up AD FS to Encrypt the Complete Message and Assertion

The command below configures the SAML response signature via the Windows PowerShell. This command must be executed on the AD FS server in order for communication to succeed.

1. On your AD FS server, open the Windows PowerShell as Administrator.

2. Replace the <Relying Party Trust Name> string with the relying party trust name that you copied to a text editor during the Add Relying Party Trusts procedure.

3. Execute the following command, using the procedure:

Set-ADFSRelyingPartyTrust -TargetName <Relying Party Trust Name> -SamlResponseSignature "MessageAndAssertion"

See the example in the image below.

Was this helpful?