Admin Single Sign-On (SSO) Setup: Integrating Microsoft ADFS with Vome
Overview
This article explains how to integrate Microsoft Active Directory Federation Services (ADFS) with Vome using SAML 2.0 authentication. Once configured, your administrators can securely log in to Vome using their existing organizational credentials managed by your ADFS server.
1. Understanding SAML SSO
SAML (Security Assertion Markup Language) enables single sign-on (SSO) by securely exchanging authentication data between:
Identity Provider (IdP): Your Microsoft ADFS server
Service Provider (SP): Vome platform
User: The administrator logging in
Authentication Flow Summary
Admin clicks “Login with SSO” in Vome
Vome redirects the admin to your ADFS login page
Admin enters their organizational credentials
ADFS validates credentials and generates a signed SAML assertion
Assertion is sent back to Vome
Vome validates the signature and grants access
Note: ADFS integration supports authentication only (no user syncing). Each admin must already exist in Vome.2. Prerequisites
Before beginning:
On ADFS
Administrative access
Ability to create Relying Party Trusts
HTTPS access to your ADFS server
Token-signing certificate available
On Vome
Using the Ultimate plan
3. ADFS Configuration Steps
Step 1 — Add a New Relying Party Trust
Open ADFS Management Console
Go to Trust Relationships → Relying Party Trusts → Add Relying Party Trust
Choose Claims Aware, click Start, then select “Enter data manually.”
Step 2 — Configure URLs and Identifiers
Enable SAML 2.0 WebSSO protocol
Use the Identifier (Entity ID) and Reply URL (Assertion Consumer Service URL) provided by Vome from your Settings page > SSO (Single Sign-On) > ADFS
Step 3 — Add Claim Rules
Create two rules:
Rule 1: Send LDAP Attributes as Claims
Rule 2: Transform Email to NameID
Incoming claim:
E-Mail AddressOutgoing claim:
Name IDFormat:
EmailPass through all values ✓
Step 4 — Export Required Files
Federation Metadata XML
URL example:
https://adfs.yourcompany.com/FederationMetadata/2007-06/FederationMetadata.xmlDownload and save
Token-Signing Certificate
Export as Base-64 encoded X.509 (.CER) file
4. Configure Vome
Go to Settings → Single Sign-On (SSO)
Select Microsoft ADFS
Upload:
Federation Metadata XML
Token-Signing Certificate (.CER)
Ensure “Sign SAML response and assertion” is enabled in ADFS
Click Verify Configuration
If successful: “SSO configuration verified successfully!”
If error: Check Entity ID, ACS URL, and certificate validity.
5. Testing & Enforcement
Test Your SSO Connection
Click Test SSO
Authenticate via your ADFS login page
You’ll be redirected back to Vome upon success
Enforce SSO (Optional)
Toggle Require SSO for all users
Use Manage excluded users for backup access (recommended for emergencies
Related Articles
Admin Single Sign-On (SSO) Setup: Integrating Microsoft Entra ID with Vome
This article outlines how to integrate Microsoft Entra ID with Vome using SAML-based Single Sign-On (SSO). It covers the complete process - from adding Vome as a custom application in Microsoft Entra ID to configuring the necessary SAML fields ...Master the Vome fundamentals: The relationship between Categories, Opportunities & Shifts
PLEASE READ THIS ARTICLE BEFORE SETTING UP YOUR PORTAL. Before you begin the setup process, you should become familiar with the platform's lingo and hierarchical breakdown to map out how to best structure your portal when you go through the process ...What are the best practices for creating admin roles for multi-location segmentation?
Best Practices for Creating Admin Roles for Multi-Location Segmentation Overview In Vome, multi-location segmentation can refer to different departments, geographic areas, operations, or programs. Account Holders may need to create admin roles to ...Why can't an admin see a profile in the database?
Why Can't an Admin User See a Profile in the Database? If you're an admin user and cannot see a specific profile in the database, there could be several reasons why. Below are the most common explanations and best practices for ensuring proper ...Microsoft Mailbox Integration - Information and Troubleshooting
Overview Our Microsoft email integration allows you to connect your mailbox to Vome, so you can send and manage emails directly from the platform. It is designed for Microsoft 365 (Exchange Online) accounts managed through Azure Active Directory ...