---
title: Creating a single sign-on connection
description: To allow PingFederate to handle single sign-on (SSO) to Code42, create a service provider (SP) connection.
component: code42-pingfederate
page_id: code42-pingfederate:single_sign-on_setup:pf_code42_integration_creating_a_single_sign_on_connection
canonical_url: https://docs.pingidentity.com/integrations/code42-pingfederate/single_sign-on_setup/pf_code42_integration_creating_a_single_sign_on_connection.html
revdate: June 26, 2024
section_ids:
  about-this-task: About this task
  steps: Steps
  choose-from: Choose from:
---

# Creating a single sign-on connection

To allow PingFederate to handle single sign-on (SSO) to Code42, create a service provider (SP) connection.

## About this task

|   |                                                                                                           |
| - | --------------------------------------------------------------------------------------------------------- |
|   | You can follow these steps to create a new SP connection, or you can modify your provisioning connection. |

## Steps

1. In the PingFederate administrator console, create a new SP connection:

   ### Choose from:

   * For PingFederate 10.1 or later: go to **Applications > Integration > SP Connections**. Click **Create Connection**.

   * For PingFederate 10.0 or earlier: go to **Identity Provider > SP Connections**. Click **Create Connection**.

2. On the **Connection Template** tab, select **Do not use a template for this connection**. Click **Next**.

3. On the **Connection Type** tab, select **Browser SSO Profiles** and clear any unwanted types. Click **Next**.

4. On the **Connection Options** tab, select only **Browser SSO**. Click **Next**.

5. On the **Import Metadata** tab, select **URL**, and then configure the Code42 metadata information.

   1. Click **Manage Partner Metadata URLs**.

   2. On the **SP Connection > Partner Metadata URLs** tab, click **Add New URL**.

   3. On the **SP Connection > Partner Metadata URLs > Metadata URL** tab, in the **Name** field, enter a name, such as `Code42`.

   4. In the URL field, paste the **Code42 Service Provider Metadata URL** that you noted in [Adding PingFederate as an authentication provider in Code42](pf_code42_integration_adding_pf_as_an_authentication_provider_in_code42.html). Clear the **Validate Metadata Signature** check box. Click **Next**.

   5. On the **Summary** tab, click **Done**.

   6. On the **SP Connection > Partner Metadata URLs** tab, click **Save**.

   7. On the **SP Connection > Import Metadata** tab, from the **Metadata URL** list, select the Code42 URL. Click **Load Metadata**. Click **Next**.

6. On the **General Info** tab, the basic connection information is populated by the metadata XML file. Click **Next**.

7. On the **Browser SSO** tab, configure browser SSO. Click **Next**.

   You can find a complete guide in [Configure IdP Browser SSO](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_spconnectionconfigtasklet_spbrowserssostate.html) in the PingFederate documentation.

   1. On the **Browser SSO > SAML Profiles** tab, select only **SP-Initiated SSO**.

   2. On the **Browser SSO > Protocol Settings > Allowable SAML Bindings** tab, select only **POST**.

   3. On the **Browser SSO > Protocol Settings > Signature Policy** tab, select **Always sign assertion**.

8. On the **Credentials** tab, configure the connection credentials.

   You can find a complete guide in [Configuring credentials](https://docs.pingidentity.com/pingfederate/latest/administrators_reference_guide/help_spconnectionconfigtasklet_credentialsstate.html) in the PingFederate documentation.

9. On the **Activation and Summary** tab, above the **Summary** section, turn on the connection. Click **Save**.