Skip to main content
All CollectionsAdmin ResourcesAccessing Bonusly:
How to Configure SAML SSO with ADFS
How to Configure SAML SSO with ADFS

Guide to setting up SAML SSO with ADFS for secure and streamlined access to Bonusly.

Updated over 3 months ago

This article is best for:

- Global Admins

In this article:

Integrating Bonusly with ADFS

  1. Navigate to your Admin Settings page, then navigate to Integrations

  2. Click on SAML

  3. Fill in the following information:

    1. IdP SSO target URL: This is the ADFS URL that will process the SAML payload from Bonusly. E.g. https://adfs.yourcompany.com/adfs/ls/

    2. IdP Issuer: ADFS Issuer URL, e.g http://adfs.yourcompany.com/adfs/services/trust

    3. IdP Cert X509 OR Fingerprint: Copy over the X509 Cert or Fingerprint from ADFS.

    4. Save the integration

  4. Follow this Microsoft Help Center article to add Relying Party Trust

    1. Endpoint Tab

    2. Advanced Tab

    3. Identifiers Tab

    4. The relying party identifier should be your SP issuer within Bonusly, as found on your Integrations > SAML page.

  5. Set up Claim Rules in ADFS:

    1. Claim rules should be ordered so that the "Get email" rule comes before the "Email to NameID" rule.

      1. Get email rule

      2. Email/nameID Transform

  6. After you set up the AD FS relying party trust:

    1. Create an app registration in Azure

    2. Enter site settings in Power Pages

  7. Testing Single Sign-On

    1. Once you've configured SSO, you can test it as follows:

      1. IdP-initiated SSO:

        1. Log out of Bonusly

        2. Log in to your IdP (e.g. Okta, OneLogin, etc)

        3. Click on the Bonusly app in your app panel

      2. SP-initiated SSO:

        1. Log out of Bonusly

        2. Visit the URL https://bonus.ly/saml/APP_ID/index (where APP_ID is the "App ID" provided on the SSO configuration page in Bonusly)

          1. Make sure you replace APP_ID from the above link with the App ID from the SAML Integration page in Bonusly!

Restricting Login Methods

Once you have tested SSO and verified that it is working, you can restrict sign on methods for your Bonusly account to require that users authenticate via SSO. This is more secure and makes it so that your employees don’t need to remember passwords for Bonusly.

To restrict to SAML SSO only:

  1. Go to Manage Admin Settings > Company > Account Settings

  2. Scroll down to "Security" and select the check box to only allow users to login via single sign on.

    ​ Select the "Save settings" button.

Questions? Send us a note to [email protected]; we'd be happy to help!

Was this article helpful? Let us know by rating it below with an emoji and sharing your feedback!

Related Articles
How to set up Single Sign On with SAML
Set up SAML Single Sign-On with Microsoft Entra
How to Configure SAML SSO and User Provisioning with Okta
Did this answer your question?