Configuration Guides

Configuring SAML SSO with Jive and PingOne for Enterprise

Learn how to configure SAML SSO with Jive and PingOne for Enterprise.

About this task

The following table details the references that are used within this guide that are environment specific. Replace these with the suitable value for your environment.

Reference Description

jiveinstance

The host and port for the Jive instance.

The following configuration is untested and is provided as an example. Additional steps might be required.

Create a PingOne for Enterprise Application for Jive

  1. Sign on to the Jive Admin Console and enable single sign-on:

    1. Go to People → Settings → Single Sign-On → SAML.

    2. Check Enabled.

    3. Click Save.

    4. Restart Jive.

      Until SAML configuration is complete, you’ll need to sign on by going directly to the admin console, http://jiveinstance/admin.

  2. Download the Jive Metadata from http://jiveinstance/saml/metadata.

  3. Sign on to PingOne for Enterprise and click Applications.

  4. On the SAML tab, click Add Application.

    Screen capture of PingOne for Enterprise My Applications page with the Add Application drop down list selected.

  5. Click Search Application Catalog and search for Jive.

  6. Click the Jive - Production row or click Jive – UAT for a non-production environment.

    Screen capture of PingOne for Enterprise Application Catalog with Jive - Production and Jive - UAT displayed as search results for

  7. Click Setup.

  8. Select the appropriate signing certificate from the list.

  9. Review the steps, and note the PingOne for Enterprise SaaS ID, IdP ID, Single Sign-on URL, and Issuer values.

  10. Click Continue to Next Step.

  11. On the Upload Metadata row, click Select File, and upload the Jive metadata file that you previously downloaded.

    Screen capture of PingOne for Enterprise Connection Configuration settings with the fields for ACS URL, Entity ID, and Primary Verification Certificate redacted.

  12. Click Continue to Next Step.

  13. In the Attribute Mapping section, complete the attribute mappings as required.

    Screen capture of PingOne for Enterprise Attribute Mapping section with sAMAccountName, givenName, sn, mail, and objectGUID listed as application attributes.

  14. Click Continue to Next Step.

  15. Update the Name, Description, and Category fields as required.

    Screen capture of PingOne for Enterprise App Customization settings for Jive - Production.

  16. Click Continue to Next Step.

  17. Add suitable user groups for the application.

    Screen capture of PingOne for Enterprise Application Group Access section.

  18. Click Continue to Next Step.

  19. Review the settings.

    Screen capture of PingOne for Enterprise Review Setup section with all fields customized for the Jive - Production app.

    Continuing from the last screen capture, the PingOne for Enterprise Review Setup section displaying SSO and SAML connection information as well as the Application Attribute table for review.

  20. Copy the Single Sign-On (SSO) URL value to a temporary location.

    This is the IdP-initiated SSO URL that you can use for testing.

  21. On the Signing Certificate row, click Download. You’ll use this for the Jive configuration.

  22. On the SAML Metadata row, click Download. You’ll use this the Jive configuration.

  23. Click Finish.

Configure the PingOne for Enterprise IdP connection for Jive

  1. Sign on to the Jive Admin Console and go to People → Settings → Single Sign-On → SAML.

  2. On the IdP Metadata tab, copy the contents of the metadata file into the metadata field.

  3. Click Save All SAML Settings.

  4. On the User Attribute Mapping tab, map the user attributes in the Jive profile to the attributes configured in PingOne for Enterprise.

  5. Optional: Select Group Mapping Enabled if you want to assign users to groups using a group attribute passed in the assertion.

  6. Click Save Settings.