Passly supports SAML Apps added in the SSO Manager.
ADP Payroll is a 3rd party tool provided via https://www.adp.com/
Passly Settings
- Log into Passly https://(companyname).my.passly.com
- Select Directory Manager.
- Select Groups.
- Select the Blue plus sign in the bottom right corner.
- Name the Group ADP Users.
Note: If you have other existing Groups for SSO users you can use one of these as well. - Select Add Group.
- Select SSO Manager.
- Select the Blue plus sign in the bottom right corner.
- Select ADP from the list.
- Select "Application is Enabled" to enable the Application.
- Update the Name field if needed.
Note: You cannot have two SAML Apps with the same name. - Select your preferred Authentication Policy.
Note: If you have not created any specific policies the "Default Policy" will be applied. - Select Add Application.
ADP Configuration
ADP Payroll SAML Setup guide https://support.adp.com/netsecure/pages/pub/docs/fed/en_us/ADP_Federation_Guide.pdf
Below are the configuration steps to complete a SAML federated setup.
- Sign into the ADP Federated SSO site (https://identityfederation.adp.com/)
- Select your Identity Provider. ADP supports preconfigured setups for selected IDP partners.
- Complete the information in the Configure section with in the SAML Setup tab. The steps
in this section will vary depending on your selections in steps 3 and 4. - After completing your IDP setup, click Next.
Note: Most IDPs have an ADP application listed in their catalog. Please search for the ADP
application at the IDP and follow the IDP’s setup instructions. - On the Upload Certificate tab, click Browse and select your IDP’s metadata file.
Note: When your certificate expires in the future, use the Upload Certificate feature to
renew it. - Click Upload. When the upload is completed, the Federated Issuer Key field will be
updated, and the new certificate appears in the Latest Uploaded Certificate list with
status Active.
Note: You will not be able to make further changes to the Federated Issuer Key (AKA
“Issuer URL”). However, you can update a certificate as many times as needed. - Handshake step: Handshake is verification process to help verify that your IDP setup is
configured as per ADP requirements.
Note:
• Handshake will only appear if you are using “Other not listed identity provider”,
ADFS, or “Standard Identity Provider” for EMEA clients.
• Please update the Test PersonImmutableID to match the account of the test user. - You can now test with a few employee users in your company. To begin the test, click
Provision User(s) under the User Setup on the left navigation bar.
• For NAS (Nationals) clients please contact your implementation representation
to complete this step.