These steps will guide you through setting up the single sign-on functionality between ADSelfService Plus and Image Relay
Log in to ADSelfService Plus as an administrator.
Navigate to Configuration → Self-service → Password Sync/Single Sign-on.
Search for Image Relay and select it.
Click Download SSO Certificate link in the top-right corner of the screen.
Image Relay (Service Provider) configuration steps
Now, log in to your Image Relay administrator account.
Select Account Settings tab.
Select Single Sign-on Settings from the left pane.
Under SAML Settings, paste the Login URL you had copied in Step 5 of Prerequisite in SSO Sign-in URL
Paste the Logout URL you had copied in Step 5 of Prerequisite in SSO Logout URL.
In Name Id Format make sure urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress is selected.
In Authn Context field make sure, urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport is selected.
Click Update Certificate and paste the certificate value that you had downloaded in Step 6 of Prerequisite in the text box.
ADSelfService Plus (Identity Provider) configuration steps
Now, switch to ADSelfService Plus’ Image Relay configuration page.
In the Domain Name field, enter the domain name of your email address. For example, if you use firstname.lastname@example.org to log in to Image Relay, then thinktodaytech.com is the domain name.
In the SP Identifier field, enter your unique/organization name found in Image Relay login URL. For example, if your login URL is thinktoday.imagrelay.com, then the SP Identifier is thinktoday.
Enter a Description for the connection.
In the Available Policies field, select the policies for which you wish to enable single sign-on.
Your users should now be able to sign in to Image Relay through ADSelfService Plus.
For Image Relay, both IdP-initiated and SP-initiated flows are supported.