I am a Zivver admin
Configure and manage Zivver
How to update Zivver SAML metadata and verify in ADFS
Introduction
Your organization is using Single Sign-On to log users in to Zivver via ADFS. Your Identity Provider (IdP) and Zivver (Service Provider (SP)) exchange metadata. This metadata contains necessary information so that the IdP and Zivver can trust each other. The metadata is signed with a certificate. The current Zivver certificate expires on December 3rd 2021.
There are two different methods of updating the Zivver metadata in ADFS.
- How to update the Zivver metadata in ADFS via URL - Recommended
- How to update the Zivver metadata in ADFS via XML import
How to update the Zivver metadata in ADFS via URL - Recommended
Updating the Zivver metadata in ADFS via URL can be done in three ways. Choose the method that suits your preference.
Automatically - Recommended
When the monitoring features are enabled, ADFS monitors for new metadata every 24 hours (1440 minutes) by default. You can see how often ADFS checks for new metadata by running the PowerShell command:
Get-ADFSProperties | select MonitoringInterval
Do these steps to setup up automatic monitoring for Zivver metadata.
- Open ADFS Management Console
- Open Trust Relationships > Relying Party Trusts
- Right-click the Zivver relying party trust and select Properties
- Open the tab Monitoring
- At Relying party’s federation metadata URL: enter the URL https://app.zivver.com/api/sso/saml/meta
- Click Test URL
If you see the error message > An error occurred during an attempt to read the federation metadata. Verify that the specified URL or host name is a valid federation metadata endpoint. Do a check on your proxy server setting. For more information […] add this registry key to the AD FS server. Then, reboot the server.
Location:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319
DWORD name:SchUseStrongCrypto
Value:1 - Select Monitor relying party
- Also select Automatically update relying party
- Click Apply
The metadata should be updated after 24 hours. Verify the metadata is updated.
PowerShell
- Start a PowerShell command line with elevated rights
- Run command:
Update-AdfsRelyingPartyTrust -TargetIdentifier "https://app.zivver.com/SAML/Zivver"
The metadata should be updated. Verify the metadata is updated.
Manually (via user interface)
- Open ADFS Management Console
- Open Trust Relationships > Relying Party Trusts
- Right-click the Zivver relying party trust and select Update from Federation Metadata…
- Click Update
The metadata should be updated. Verify the metadata is updated.
How to update the Zivver metadata in ADFS via XML import
If updating the Zivver metadata via URL is not an option, you can download the new Zivver metadata and import that into ADFS via PowerShell.
- Open a modern browser like Google Chrome
- Go to https://app.zivver.com/api/sso/saml/meta
- Download the metadata as
.xmlfile viaCtrl + Sor when using Chrome, via the hamburger menu in the top right corner > More Tools > Save page as…
Make sure the file is saved with.xmlas file extension. The file name is oftenmeta.xml. - Transfer the
meta.xmlfile to the ADFS server - Start a PowerShell ISE instance with elevated rights
Run this script:
Make sure themeta.xmlfile is stored directly on the C-drive.$metadataPath = "c:\meta.xml" $zivverIdentifier = "https://app.zivver.com/SAML/Zivver" Update-AdfsRelyingPartyTrust -TargetIdentifier $zivverIdentifier -MetadataFile $metadataPath
The metadata should be updated. Verify the metadata is updated.
How do I verify the metadata is updated?
- Open ADFS Management Console
- Open Trust Relationships > Relying Party Trusts
- Right-click the Zivver relying party trust and select Properties
- Open the tab Encryption
- Verify the Expiration date is 11/15/2026 or 15/11/2026 depending on your date and time settings.
