Dropbox Provisioner

Completing setup of SAML SSO to Dropbox

The following section describes the steps for configuring service provider (SP)- and identity provider (IdP)-initiated single sign-on (SSO) to Dropbox.

About this task

This section requires two pieces of information from PingFederate:

  • The PingFederate SSO Application Endpoint, which can be found on the Activation & Summary page, in the SP Connection section

  • The exported certificate used to sign the SAML assertion (configured in Creating a connection)

Steps

  1. Go to https://www.dropbox.com/team/admin/ and sign on with your team owner credentials.

  2. Go to Authentication to view the Single sign-on section.

  3. Select the Enable single sign-on check box and click Optional or Required based on your SSO requirements.

  4. In the Sign in URL field, enter the PingFederate SSO Application endpoint.

    https://pf_host:pf_port/idp/startSSO.ping?PartnerSpId=connection_id

    where:

    • pf_host is the machine running the PingFederate server.

    • pf_port is the PingFederate port (default value: 9031).

    • connection_id is the connection ID of the SP connection, for example, https://www.dropbox.com/.

  5. Import the signing certificate into the X.509 certificate field.

    Scren capture of the Authentication section showing Enable single sign-on selected and Required clicked.

  6. Click Save Changes to complete the Dropbox SSO setup.

    Result:

    When saved, emails are sent to team members to instruct them on how to initiate signing on.