> For the complete documentation index, see [llms.txt](https://docs.adaptiva.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.adaptiva.com/platform-guide/security/configure-sso/configure-sso-pingidentity.md). # Configure SSO with PingIdentity Adaptiva integrates with PingIdentity using the Security Assertion Markup Language (SAML) protocol to enable single sign-on (SSO). In this setup, OneSite acts as the SAML service provider (SP), while PingIdentity serves as the identity provider (IdP) and is responsible for authenticating users. This allows users to log in with their PingIdentity credentials to the OneSite Platform, adding an extra layer of security. Below is a walkthrough on how to setup a relying party in PingIdentity and use the generated information to set up an OIDC provider in the OneSite Platform. ## Create Environment in PingIdentity After you have logged into your PingIdentity dashboard, you'll need to create a new Environment. 1. Click **+** next to **Environments** from the admin dashboard. 2. Choose **Customer solution** and continue through the wizard and follow any additional setup instructions for PingOne SSO. ![](/files/gEyLZizR2kS3tRD9JTyN) 3. Click **Next**. 4. Enter a **Name** and **Description** and select desired configurations from the **Services** section. 5. Click **Finish**. ## Create an Application Next you'll need to create the Adaptiva SSO application. 1. Click on the environment you just created and select **Manage Environment** ![](/files/GVXIEt8S4ulXQ0nuuj6W) 2. Select **Applications > Applications** from the side navigation. 3. Click the **+** button next to Applications. ![](/files/jRYTz8kGnkMc6CkfiqaM) 4. Enter a **Name** and a **Description**. 5. Select **SAML Application** under **Application Type**. 6. Select **Configure**. ![](/files/inGNIK4FiRUeGqu02vgg) 7. Select the **Manually Enter** radio button and enter the ACS URL in the following format: `https:////api/v1.0/authentication/saml-login` ![](/files/Z0yZmyufQUbybsdqwMZn) 8. Enter the **Entity ID**: `https://` 9. Click **Save**. 10. Select the **Download Signing Certificate** button under **Connection Details** and select the `.crt` format. * You will need this certificate later to complete the [Create the SAML Provider in the Admin Portal](#create-the-saml-provider-in-the-admin-portal) steps below. 11. Select the **Attribute Mappings** tab. 12. Select the pencil edit icon and change the PingOne map to **Email Address**. ![](/files/ZDGNFkPxjLl6gngDmhiE) ## Create a User You will need to create users to add to your group. To create a new user, please follow the steps in the [PingOne - Adding a user](https://docs.pingidentity.com/pingone/directory/p1_adduser.html) documentation. ## Create a Group Next you will need to create a Group to add your users to, then add the Group to the SAML application. Please follow the steps in this guide on how to create a group [PingOne - Create a group](https://docs.pingidentity.com/pingone/pingone_tutorials/p1_p1tutorial_create_a_group.html). ### Add a group to your application 1. Select the **Access** tab and select the pencil edit icon and select the group you'd like to add and configure any desired settings. ![](/files/3GYywKuPEJni4YO7NPst) ## Create the SAML Provider in the Admin Portal Follow the steps on the [Configure SAML](/platform-guide/security/configure-saml.md) and enter the following information from PingOne into the **SAML Settings** section below: * **Issuer ID** - Enter the **Issuer ID** from PingIdentity. * **Authentication Request URI** - Enter the **Initiate Single Sign-on URL** * **Attribute Consuming Service Index** - leave blank. * **Name ID Format** - Leave default. * **Public Key Info** - Open the Signing Certificate you downloaded in a previous step in Notepad and copy and paste in this text box. * **Audience** - Enter the **Entity ID** Adaptiva SAML settings view: ![](/files/NvaUwI8kfUzr3dqR5JZS) ## Log in page After PingIdentity and the OneSite Platform have been federated using SAML, an SSO button will appear on the login page. Once clicked, users will be redirected to a PingIdentity login page and granted access to OneSite Platform. ![](/files/LpHZI0sqjWpi8pOkFwHA) --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.adaptiva.com/platform-guide/security/configure-sso/configure-sso-pingidentity.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.