Configure SSO with PingIdentity
Adaptiva integrates with PingIdentity using the Security Assertion Markup Language (SAML) protocol to enable single sign-on (SSO). In this setup, OneSite acts as the SAML service provider (SP), while PingIdentity serves as the identity provider (IdP) and is responsible for authenticating users. This allows users to log in with their PingIdentity credentials to the OneSite Platform, adding an extra layer of security.
Below is a walkthrough on how to setup a relying party in PingIdentity and use the generated information to set up an OIDC provider in the OneSite Platform.
Create Environment in PingIdentity
After you have logged into your PingIdentity dashboard, you'll need to create a new Environment.
Click + next to Environments from the admin dashboard.
Choose Customer solution and continue through the wizard and follow any additional setup instructions for PingOne SSO.
Click Next.
Enter a Name and Description and select desired configurations from the Services section.
Click Finish.
Create an Application
Next you'll need to create the Adaptiva SSO application.
Click on the environment you just created and select Manage Environment
Select Applications > Applications from the side navigation.
Click the + button next to Applications.
Enter a Name and a Description.
Select SAML Application under Application Type.
Select Configure.
Select the Manually Enter radio button and enter the ACS URL in the following format:
https://<adaptiva-server-FDQN:PORT>//api/v1.0/authentication/saml-login
Enter the Entity ID:
https://<adaptiva-server-fdqn:PORT>Click Save.
Select the Download Signing Certificate button under Connection Details and select the
.crtformat.You will need this certificate later to complete the Create the SAML Provider in the Admin Portal steps below.
Select the Attribute Mappings tab.
Select the pencil edit icon and change the PingOne map to Email Address.
Create a User
You will need to create users to add to your group. To create a new user, please follow the steps in the PingOne - Adding a user documentation.
Create a Group
Next you will need to create a Group to add your users to, then add the Group to the SAML application. Please follow the steps in this guide on how to create a group PingOne - Create a group.
Add a group to your application
Select the Access tab and select the pencil edit icon and select the group you'd like to add and configure any desired settings.
Create the SAML Provider in the Admin Portal
Follow the steps on the Configure SAML and enter the following information from PingOne into the SAML Settings section below:
Issuer ID - Enter the Issuer ID from PingIdentity.
Authentication Request URI - Enter the Initiate Single Sign-on URL
Attribute Consuming Service Index - leave blank.
Name ID Format - Leave default.
Public Key Info - Open the Signing Certificate you downloaded in a previous step in Notepad and copy and paste in this text box.
Audience - Enter the Entity ID
Adaptiva SAML settings view:
Log in page
After PingIdentity and the OneSite Platform have been federated using SAML, an SSO button will appear on the login page. Once clicked, users will be redirected to a PingIdentity login page and granted access to OneSite Platform.
Last updated
Was this helpful?