Configuring PingFederate Single Sign-On Integration with SAML

Using Security Assertion Markup Language (SAML), a user can use their managed account credentials to sign in to enterprise cloud applications via Single Sign-On (SSO). An Identity Provider (IdP) service provides administrators with a single place to manage all users and cloud applications. You don't have to manage individual user IDs and passwords tied to individual cloud applications for each of your users. An IdP service provides your users with a unified sign-on across all their enterprise cloud applications.

How to Configure PingFederate Single Sign-On Integration with SAML

  1. Complete the instructions in Creating an SP Connection with your IdP PingFederate.
  2. In PingFederate, from SP Connections, select the SP Connection.
  3. Click Browser SSO, then Configure Browser SSO, then the SAML Profiles tab.

  1. From the list of profiles, select SP-INITIATED.
  2. Click Next, then Next again. The Assertion Creationtab is displayed.
  3. Click Configure Assertion Creation. The Assertion Creation window is displayed.
  4. Click Attribute Contract. The Attribute Contract tab is displayed.
  5. Add email as the Attribute Contract.

  1. In PingFederate, from SP Connections, select SP Connection, then Browser SSO, then Protocol Settings, then Configure Protocol Settings, then Allowable SAML Bindings. The Allowable SSL Bindings tab is displayed.
  2. From the list of options, select REDIRECT.

  1. Click Save.
  2. In PingFederate, click Server Configuration, then ADMINISTRATIVE FUNCTIONS, then Metadata Export.
  3. Click Next. The Connection Metadata tab is displayed.
  4. Select SP Connection, and click Next. The Metadata Signing tab is displayed.
  5. Select the Signing Certificate, and click Next. The Export & Summary tab is displayed.
  6. Export the metadata file.

  1. Click Done.
  2. Open the downloaded SAML metadata file, and copy the URL located in the EntityDescriptor node>entityID attribute:
  • Then, log in to Netsparker Enterprise, and from the main menu click Settings, then Single Sign-On. The Single Sign-On window is displayed. Select the SAML tab, and then paste the URL into the IdP Identifier field.
  • Next, copy the URL from the SingleSignOnService node>Location attribute field.
  • Then in Netsparker Enterprise's Single Sign-On window, paste the URL into SAML 2.0 Endpoint field.
  • Finally, copy the content of the X509Certificate node (signing).
  • Then in Netsparker Enterprise's Single Sign-On window, paste it into the X.509 Certificate field.

  1. In Netsparker Enterprise, click Save Changes.
Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO