Defining policy rules for the remote connection (ADFS)

Learn how to create a policy rule for the SSO connection. A policy rule is required before the SSO connection can be used with the Identity Provider that you registered.

About this task

The metadata setting SSO_SAML20_IDP enables the policy for SSO authentication by using SAML. Replace the default value, in this case adfs01, with the unique name of your Identity Provider.


  1. To create a policy rule for a remote connection that uses an Active Directory Federation Services (ADFS) Identity Provider, create an XML document like the following example:
    Note: The following example creates a policy for an SSO connection to, which is controlled by ADFS.
    <?xml version="1.0" encoding="UTF-8"?>
    <proxy-rules xmlns:xsi=""
    		<mapping contextpath="/myproxy" url="*">
    			<policy name="pol_adfs01" url="*" >
    				<cookie-rule name="co_adfs01">
  2. After you save the XML file, run the ConfigEngine task update-outbound-http-connection-config to apply the policy settings to the configuration profile:
    • AIX®, HP-UX, Linux™, Solaris: ./ConfigEngine.sh update-outbound-http-connection-config -DConfigFileName=XML_file -DOutboundProfileType=global
    • IBM® i: ConfigEngine.sh update-outbound-http-connection-config -DConfigFileName=XML_file -DOutboundProfileType=global
    • Windows™: ConfigEngine.bat update-outbound-http-connection-config -DConfigFileName=XML_file -DOutboundProfileType=global
    Where XML_file is the file path to the XML file.
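
A pre-flight check for the policy file before step 2, as an added example that is not part of the original documentation or IBM's tooling. It assumes SSO_SAML20_IDP is carried in a <meta-data> element with <name> and <value> children (the XML example above is cut off before that element); the function names, the sample file and the IdP name corp-adfs are constructed for illustration.

```python
import xml.etree.ElementTree as ET

DEFAULT_IDP = "adfs01"  # default value named on this page

# Constructed sample policy file. The <meta-data><name>/<value> layout is an
# assumption: the page's own XML example is cut off before that element.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<proxy-rules>
  <mapping contextpath="/myproxy" url="*">
    <policy name="pol_adfs01" url="*">
      <meta-data><name>SSO_SAML20_IDP</name><value>adfs01</value></meta-data>
    </policy>
    <policy name="pol_plain" url="https://app.example.test/*"/>
  </mapping>
</proxy-rules>"""


def sso_idp(policy):
    """Return the SSO_SAML20_IDP value set on a <policy>, or None."""
    for meta in policy.iter("meta-data"):
        if (meta.findtext("name") or "").strip() == "SSO_SAML20_IDP":
            return (meta.findtext("value") or "").strip()
    return None


def check_policy_file(xml_bytes, registered_idp):
    """Return findings for a policy file; an empty list means it passed."""
    try:
        root = ET.fromstring(xml_bytes)
    except ET.ParseError as exc:
        # A truncated or unclosed file is caught here, before ConfigEngine runs.
        return [f"not well-formed XML: {exc}"]
    policies = list(root.iter("policy"))
    if not policies:
        return ["no <policy> element found"]
    findings = []
    for policy in policies:
        name = policy.get("name", "<unnamed>")
        idp = sso_idp(policy)
        if idp is None:
            findings.append(f"{name}: no SSO_SAML20_IDP, SAML SSO not enabled")
        elif idp != registered_idp:
            hint = " (default left in place)" if idp == DEFAULT_IDP else ""
            findings.append(f"{name}: IdP '{idp}' != '{registered_idp}'{hint}")
    return findings


if __name__ == "__main__":
    for line in check_policy_file(SAMPLE, "corp-adfs"):
        print(line)
```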