|Applies To||RSA Federated Identity Manager (FIM) 4.1|
Unable to federate to SharePoint with ADFS and RSA
The user is unable to federate to Microsoft SharePoint with ADFS and RSA FIM acting as the IDP.
Error when accessing SharePoint
|Cause||SharePoint was expecting an "AD FS 1.x E-Mail Address" claim. RSA FIM was sending the email address claim as "E-Mail Address" rather than "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", which is what ADFS was expecting.|
|Resolution||Create a custom claim rule on the CP (claims provider) trust rules to transform "E-Mail Address" to "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", and a transform rule to change the ADFS email address into "AD FS 1.x E-Mail Address", in case the default email claim is needed for another RP.|
|Legacy Article ID||a59298|
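
The two rules described in the Resolution, written in the AD FS claim rule language and applied with the AD FS PowerShell cmdlets. This is an added example, not part of the original article: the trust names are placeholders, attaching the second rule to the SharePoint relying party trust is an assumption, and http://schemas.xmlsoap.org/claims/EmailAddress is the claim type behind the "AD FS 1.x E-Mail Address" claim description.

```powershell
# Added example. On AD FS 2.0, load the snap-in first:
#   Add-PSSnapin Microsoft.Adfs.PowerShell
# Trust names below are placeholders; substitute the names used in your farm.
$cpTrust = '<RSA FIM claims provider trust name>'
$rpTrust = '<SharePoint relying party trust name>'

# Rule 1 (claims provider trust): map the "E-Mail Address" claim type sent by
# RSA FIM onto the standard e-mail address claim type, keeping issuer and value.
$acceptRule = @'
@RuleName = "RSA FIM E-Mail Address to emailaddress"
c:[Type == "E-Mail Address"]
 => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
          Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer,
          Value = c.Value, ValueType = c.ValueType);
'@

# Rule 2 (assumed to sit on the SharePoint relying party trust): re-issue the
# standard e-mail claim as "AD FS 1.x E-Mail Address". Other RPs keep receiving
# the standard claim because this rule is scoped to one trust.
$issueRule = @'
@RuleName = "emailaddress to AD FS 1.x E-Mail Address"
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"]
 => issue(Type = "http://schemas.xmlsoap.org/claims/EmailAddress",
          Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer,
          Value = c.Value, ValueType = c.ValueType);
'@

# The Set-* cmdlets replace the whole rule set, so append to the existing rules
# instead of overwriting them.
$cp = Get-AdfsClaimsProviderTrust -Name $cpTrust
Set-AdfsClaimsProviderTrust -TargetName $cpTrust `
    -AcceptanceTransformRules ($cp.AcceptanceTransformRules + "`n" + $acceptRule)

$rp = Get-AdfsRelyingPartyTrust -Name $rpTrust
Set-AdfsRelyingPartyTrust -TargetName $rpTrust `
    -IssuanceTransformRules ($rp.IssuanceTransformRules + "`n" + $issueRule)

# Confirm both rule sets now contain the new rules.
(Get-AdfsClaimsProviderTrust -Name $cpTrust).AcceptanceTransformRules
(Get-AdfsRelyingPartyTrust -Name $rpTrust).IssuanceTransformRules
```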