---
title: Configuring single sign-on in Contentful
description: Complete the connection by entering your PingFederate URL and certificate in Contentful.
component: contentful
page_id: contentful:configuring_single_sign-on:pf_contentful_integration_configuring_single_sign_on_in_contentful
canonical_url: https://docs.pingidentity.com/integrations/contentful/configuring_single_sign-on/pf_contentful_integration_configuring_single_sign_on_in_contentful.html
revdate: June 26, 2024
section_ids:
  steps: Steps
---

# Configuring single sign-on in Contentful

Complete the connection by entering your PingFederate URL and certificate in Contentful.

## Steps

1. On the Contentful admin console, go to **Organization settings > Single Sign-On (SSO)**.

2. In the **SSO provider** list, select **Ping Identity**.

3. In the **Single Sign-On Redirect URL** field, enter `https://pf_host:pf_port/idp/SSO.saml2`.

   For example, https\://pf.example.com:9031/idp/SSO.saml2.

4. Using a text editor, copy the contents of the `.crt` file that you downloaded in [Exporting your PingFederate signing certificate](pf_contentful_integration_exporting_your_pf_signing_certificate.html).

5. In the **X.509 Certificate** field, paste the contents of the certificate file.

   ![A screen shot that shows the Your SSO provider details section with the redirect URL and X.509 Certificate entered in.](_images/nfk1616622227694.jpg)

6. Click **Test connection**.

7. In the **SSO name** field, type a friendly name for the connection.

8. Check your settings. After enabling SSO in the next step, the only way to change your SSO settings is to contact Contentful.

9. Click **Enable SSO**.

10. **Optional:** If you want SSO to be the only sign-on method, contact Contentful and ask for [Restricted SSO](https://www.contentful.com/faq/sso/?utm_source=webapp\&utm_medium=idp-setup-form\&utm_campaign=in-app-help/). This prevents users from signing on using email or third-party services, such as GitHub, Google, or Twitter.