We are running AD FS 2012 R2 and trying to get SAML to work with Redash.
I just to make sure we have understood everything (and we have read through https://redash.io/help-onpremise/setup/saml-authentication-and-authorization.html):
We have a transform rule that converts:
Surname (LDAP attribute) to LastName (Outgoing claim)
Given-Name (LDAP attribute) to FirstName (Outgoing claim)
other then that we have created a claim rule that converts:
E-Mail Address (Incoming claim type)
Name ID (Outgoing claim type)
Transient Identifier (Outgoing name ID format)
Pass through all claim values
If we go into "Endpoints" we find under "SAML Assertion Consumer Endpoints":
"SAML Logout Endpoints":
We have not created new claim descriptions for "FirstName" and "LastName", we have only entered those values as text in the claim rule.
We have tried to change different settings and get different errors, I just wanted to verify that our basic settings are correct. Can provide more info if needed, can't troubleshoot this further atm. due to the service is needed to be up and running.
Best Regards - Karl