Configuring PingOne Cloud as an Identity Provider

Note: Pivotal Platform is now part of VMware Tanzu. In v1.12 and later, Pivotal Single Sign‑On is named Single Sign‑On for VMware Tanzu Application Service.

This topic describes how to set up PingOne Cloud as your identity provider by configuring SAML integration in both Single Sign‑On for VMware Tanzu Application Service and PingOne Cloud.

Overview

To set up PingOne Cloud as your identity provider through SAML integration:

  1. Set up SAML in Single Sign‑On
  2. Add a New SAML App
  3. Configure the SAML Settings
  4. (Optional) Specify App and Group Attributes
  5. Publish the SAML App

Set up SAML in Single Sign‑On

To set up SAML in Single Sign‑On, follow the steps in Configure SAML Settings.

Add a New SAML App

To add a new SAML app:

  1. Sign in as a PingOne Cloud admin.

  2. Navigate to your apps by clicking Apps.

  3. Click Add Application and choose New SAML Application.

    [Screenshot: PingOne Cloud Dashboard, My Applications section. The Add Application dropdown is open with the New SAML Application option highlighted; a Pause All SSO button is at the far right.]

  4. Enter the Application Name, Application Description, Category and any Graphics.

  5. Click Continue to Next Step to configure SAML.

Configure the SAML Settings

To configure the SAML settings:

  1. Select I have the SAML configuration.

  2. For SAML Metadata, click Download to download the identity provider metadata.

  3. For Protocol Version, select SAML v 2.0.

  4. For Upload Metadata, click Select File and select the service provider metadata.

  5. Click Continue to Next Step.

    [Screenshot: Applications Configuration section, with Cancel, Back, and Continue to Next Step buttons at the bottom right.]

(Optional) Specify App and Group Attributes

To specify app and group attributes:

  1. Under SSO Attribute Mapping, specify any app or group attributes that you want to map to users in the ID token.

    [Screenshot: SSO Attribute Mapping section. A table with Application Attribute, Identity Bridge Attribute or Literal Value, and Required columns; an Add new attribute button at the bottom left; Cancel, Back, and Save & Publish buttons at the bottom right.]

Publish the SAML App

To publish the SAML app:

  1. Click Save & Publish.

  2. Click Finish.