Creating a single sign-on connection
To allow PingFederate to handle single sign-on (SSO) to Code42, create a service provider (SP) connection.
About this task
You can follow these steps to create a new SP connection, or you can modify your provisioning connection. |
Steps
-
In the PingFederate administrator console, create a new SP connection:
-
For PingFederate 10.1 or later: go to Applications → Integration → SP Connections. Click Create Connection.
-
For PingFederate 10.0 or earlier: go to Identity Provider → SP Connections. Click Create Connection.
-
-
On the Connection Template tab, select Do not use a template for this connection. Click Next.
-
On the Connection Type tab, select Browser SSO Profiles and clear any unwanted types. Click Next.
-
On the Connection Options tab, select only Browser SSO. Click Next.
-
On the Import Metadata tab, select URL, and then configure the Code42 metadata information.
-
Click Manage Partner Metadata URLs.
-
On the SP Connection → Partner Metadata URLs tab, click Add New URL.
-
On the SP Connection → Partner Metadata URLs → Metadata URL tab, in the Name field, enter a name, such as
Code42
. -
In the URL field, paste the Code42 Service Provider Metadata URL that you noted in Adding PingFederate as an authentication provider in Code42. Clear the Validate Metadata Signature check box. Click Next.
-
On the Summary tab, click Done.
-
On the SP Connection → Partner Metadata URLs tab, click Save.
-
On the SP Connection → Import Metadata tab, from the Metadata URL list, select the Code42 URL. Click Load Metadata. Click Next.
-
-
On the General Info tab, the basic connection information is populated by the metadata XML file. Click Next.
-
On the Browser SSO tab, configure browser SSO. Click Next.
For a complete guide, see Configure IdP Browser SSO in the PingFederate documentation.
-
On the Browser SSO → SAML Profiles tab, select only SP-Initiated SSO.
-
On the Browser SSO → Protocol Settings → Allowable SAML Bindings tab, select only POST.
-
On the Browser SSO → Protocol Settings → Signature Policy tab, select Always sign assertion.
-
-
On the Credentials tab, configure the connection credentials.
For a complete guide, see Configuring credentials in the PingFederate documentation.
-
On the Activation and Summary tab, above the Summary section, turn on the connection. Click Save.