Configuring PingOne Cloud as an Identity Provider
This topic describes how to set up PingOne Cloud as your identity provider by configuring SAML integration in both Pivotal Cloud Foundry (PCF) and PingOne Cloud.
Log in to the Single Sign-On (SSO) Operator Dashboard at https://p-identity.YOUR-SYSTEM-DOMAIN as a Plan Administrator.
Select your plan and click Manage Identity Providers on the drop-down menu.
Click Configure SAML Service Provider.
(Optional) Select Perform signed authentication requests to enforce SSO private key signature and identity provider validation.
(Optional) Select Require signed assertions to validate the origin of signed responses.
Click Download Metadata to download the service provider metadata.
Sign in as a PingOne Cloud administrator.
Navigate to your application by clicking on the Applications tab.
Click the Add Application button and choose New SAML Application.
Enter the Application Name, Application Description, Category and any Graphics.
Click the Continue to Next Step button to configure SAML.
In the Application Configuration section, perform the following steps:
- Select I have the SAML configuration.
- For SAML Metadata, click Download to download the identity provider metadata.
- For Protocol Version, select SAML v 2.0.
- For Upload Metadata, click Select File and select the service provider metadata.
- Click the Continue to Next Step button.
(Optional) Under SSO Attribute Mapping, specify any application or group attributes that you want to map to users in the ID token.
Click the Save & Publish button followed by the Finish button.