Single Sign-On with Ping Identity

In this tutorial, you will learn how to integrate your Updraft Organization with your Ping Identity Users Directory through SAML. Please follow the next steps.

Step 1 - Obtain the SAML Provider Details from Updraft

Only Owner of an Updraft Organization is able to add an SSO Integration

Open your Account Settings as an Owner
Go to the Security Page
Click Add new SSO
Click CUSTOM SSO
You will see now your SAML configuration
Store them

Step 2 - Add a New App in Ping Identity

Login to your Ping Identity Console
Click on Applications.
Then select the Application section and click on the blue circular + button at the top of the page.
Enter your Application Name, select SAML Application, and click the Configure button when available.

From the SAML Configuration, select Manually Enter, then enter your Single Sign On URL and Audience Restriction from Step 1.
Click the Save Button.

Step 3 - Configure Ping Identity Single Sign-On with SAML

From the Applications page, locate and select the application you just created, then enable the toggle switch.

Select the application and go to the Attribute Mapping tab. Click the pencil icon to edit the mappings.
1. For the saml_subject attribute, select Email Address from the PingOne Mappings drop-down and click + Add.
2. Next, add email to the Attributes field, select Email Address from the drop-down, and click + Add.
3. Next, add frist_name to the Attributes field, select Given Name from the drop-down, and click + Add.
4. Then, add last_name to the Attributes field, choose Family Name from the drop-down, and click + Add.
5. Then, add username to the Attributes field, choose Email Address from the drop-down, and click + Add.
6. Finally, add groups to the Attributes field, select Group Names from the drop-down, and click + Add.
Once configured, click the Save Button.

On the Access tab:
- If you want to restrict who can access the SSO app, create another user group in your Ping Identity console and assign it to the SSO app.

Step 4 - Download the Metadata XML file from Ping Identity

Select the Configuration tab and click the pencil icon to edit the configuration. Choose the Sign Assertion & Response option, then click Save to apply your changes.

Once the configuration is complete, you will need to click on the Download Metadata button, as this will download the Metadata XML to complete the integration in Updraft.

Step 5 `-` Upload the .xml metadata to your Updraft Organization

Click Choose File and select your Metadata XML file
Click Save

Step 6 - verify the integration

After following all the above steps, log in to your Updraft account to verify that you are now able to sign in with your Custom SSO (Ping Identity).

If the integration was successful:

If you are opening your subdomain.getupdraft.com/login page you will see the Login with Custom SSO Button
When your assigned Users click on the Login with SSO Button they will be redirected to the Ping Identity login page
upon successful authentication with Ping Identity, your users will be logged into Updraft automatically and redirected to the dashboard page of Updraft
A new account for your uses will be created in Updraft after they logged-in the first time
Now you can assign projects and apps to your users.

If you encounter any issues, please refer back to the previous steps or reach out to the support team for assistance.

PreviousSingle Sign-On with JumpCloud NextCustom SSO (SAML)

Last updated 1 month ago