Configure PingFederate for SSO
About this task
To configure a connection for single sign-on to Evernote, follow the instructions in this section. Outbound provisioning details are managed within an SP connection and may be added to an existing SP connection.
Single sign-on is required for SCIM provisioning with Evernote. SCIM is only available in Evernote Business accounts created on or after September 15, 2017. For more information, see How to determine when an Evernote Business account was created. |
Steps
-
Create a new SP connection or select an existing SP connection from the SP Configuration menu.
-
On the Connection Template screen, select Use a template for this connection and choose Evernote Connector from the Connection Template drop-down list. When asked during the connection configuration steps, import the
evernote-saml-metadata.xml
packaged with this connector.If this selection is not available, verify the connector installation and restart PingFederate.
-
On the Connection Type screen, ensure that the Browser SSO Profiles checkbox is selected and the Outbound Provisioning checkbox is cleared.
-
On the General Info screen, the default values are taken from the metadata file you selected in an earlier step. We recommend using the metadata default values.
-
Click Next to continue the Browser SSO configuration.
For more information, see the following sections under Identity provider SSO configuration:
-
On the Attribute Contract screen, set the Subject Name Format for SAML_SUBJECT to the below value:
-
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
-
-
On the authentication adapter’s Attribute Contract Fulfillment screen, map SAML_SUBJECT to email address. Evernote requires SAML_SUBJECT to contain the user’s email address, which must match the Evernote user’s business email address.
-
On the Credentials → Digital Signature Settings screen, select the signing certificate.
-
On the Activation & Summary screen, set Connection Status to ACTIVE, then click Save.
If you are not ready to complete the SSO configuration, you can click Save and return to the configuration page later. To return to the configuration page, select the connection from Identity Provider → SP Connections → Manage All.