Configuring PingOne Cloud as an Identity Provider
Warning: Pivotal Single Sign-On v1.11 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.
This topic describes how to set up PingOne Cloud as your identity provider by configuring SAML integration in both Pivotal Single Sign‑On and PingOne Cloud.
- Log into the SSO Operator Dashboard at
https://p-identity.SYSTEM-DOMAINas a Plan Administrator.
Select your plan and click Manage Identity Providers on the dropdown.
Click Configure SAML Service Provider.
(Optional) Select Perform signed authentication requests to enforce SSO private key signature and identity provider validation.
(Optional) Select Require signed assertions to validate the origin of signed responses.
Click Download Metadata to download the service provider metadata.
Sign in as a PingOne Cloud administrator.
Navigate to your app by clicking on Apps.
Click Add Application and choose New SAML Application.
Enter the Application Name, Application Description, Category and any Graphics.
Click Continue to Next Step to configure SAML.
In the Application Configuration section, perform the following steps:
- Select I have the SAML configuration.
- For SAML Metadata, click Download to download the identity provider metadata.
- For Protocol Version, select SAML v 2.0.
- For Upload Metadata, click Select File and select the service provider metadata.
- Click Continue to Next Step.
(Optional) Under SSO Attribute Mapping, specify any app or group attributes that you want to map to users in the ID token.
Click Save & Publish.