Configuration Guides

Configuring SAML SSO with Egnyte and PingOne for Enterprise

Learn how to enable Egnyte sign-on from the PingOne for Enterprise console (IdP-initiated sign-on) and direct Egnyte sign-on using PingOne for Enterprise (SP-initiated sign-on).

Before you begin

  • Link PingOne for Enterprise to an identity repository containing the users requiring application access.

  • Populate Egnyte with at least one user to test access.

  • You must have administrative access to PingOne for Enterprise and Egnyte.

Update the supplied Egnyte application in PingOne for Enterprise

  1. Sign on to PingOne for Enterprise and go to Applications → Application Catalog.

  2. Search for Egnyte.

    Screen capture of PingOne for Enterprise Application Catalog with Egnyte displayed as the search result and the expansion arrow in the table highlighted in red.

  3. Expand the Egnyte entry and click the Setup icon.

  4. Copy the Issuer and IdP ID values.

  5. Download the signing certificate.

    Screen capture of PingOne for Enterprise SSO instructions with the Download signing certificate, IdP ID, and Issuer values redacted and highlighted in red.

  6. Click Continue to Next Step.

  7. Set ACS URL to https://Your-Egnyte-domain.egnyte.com/samlconsumer/PingIdentity.

  8. Click Continue to Next Step twice.

  9. In the Attribute Mapping section, map SAML_SUBJECT to the attribute containing the user’s email address.

  10. Click Continue to Next Step twice.

  11. Click Add for all user groups that should have access to Egnyte.

    Screen capture of PingOne for Enterprise Application GroupAccess section.

  12. Click Continue to Next Step.

  13. Click Finish.

Add the PingOne for Enterprise IdP connection to Egnyte

  1. Sign on to your Egnyte Admin organization as an administrator.

  2. Click the menu icon and then click Settings.

    Screen capture of Egnyte menu icon and Settings highlighted in red.

  3. Click the Security and Authentication tab.

    Screen capture of Egnyte Configuration Settings with Security & Authentication highlighted in red.

  4. In the Single sign-on authentication list, select SAML 2.0.

  5. In the Identity provider list, select Ping Identity.

  6. Set the following values:

    Field Value

    Identity provider login URL

    https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=IdP-ID-value

    Identity provider entity ID

    The Issuer value from above.

    Identity provider certificate

    In a text editor, open the signing certificate that you downloaded. Copy and paste the contents.

    Default user mapping

    Email address

  7. Click Save.

  8. Go to Settings → Users and Groups.

  9. Select the appropriate users and set their AuthType to SSO.

Test the PingOne for Enterprise IdP-initiated SSO integration

  1. Go to our Ping desktop as a user with Egnyte access.

    To find the Ping desktop URL in the Admin console, go to Setup → Dock → Dock URL.

  2. Complete the PingOne for Enterprise authentication.

    You’re redirected to your Egnyte domain.

    Screen capture of PingOne for Enterprise sign on screen.

Test the PingOne for Enterprise SP-initiated SSO integration

  1. Go to https://Your-Egnyte-domain.Egnyte.com.

  2. Select the PingOne for Enterprise sign-on option.

  3. After you’re redirected to PingOne for Enterprise, enter your PingOne for Enterprise username and password.

    Screen capture of PingOne for Enterprise sign on screen.

    You’re redirected back to Egnyte.