Registering PingFederate as an identity provider in Workplace
To allow PingFederate to coordinate authentication for Workplace from Facebook, export your signing certificate and configure SAML in Workplace from Facebook.
About this task
To configure Workplace from Facebook for single sign-on (SSO), you require the following details from PingFederate.
-
SAML URL, such as https://pf_host:pf_port/idp/SSO.saml2
-
SAML 2.0 Entity ID that you set in Enabling provisioning and single sign-on in PingFederate
-
SAML certificate
-
This is the public signing certificate from PingFederate used to sign the SAML assertion (configured in your SP connection). For more information, see Managing digital signing certificates and decryption keys in the PingFederate documentation.
-
The following section describes the steps to configure SSO in Workplace from Facebook. For more information, see Single Sign On Authentication in the Workplace from Facebook documentation.
Steps
-
In PingFederate, export your signing certificate.
-
On the PingFederate admin console, go to Security > Signing & Decryption Keys & Certificates.
-
For the certificate that you want to use, in the Action column, click Export.
-
On the Export Certificate tab, click Next.
-
On the Export & Summary tab, click Export.
-
Open the
***********.crt
file in a text editor and copy the contents.
-
-
Sign on to Workplace from Facebook as an administrator.
-
Go to Admin Panel > Security.
-
On the Authentication tab, select the Single-sign on (SSO) check box.
-
If you want to prevent users from signing on without SSO, clear the Password check box.
-
In the SSO Providers section, click Add new SSO Provider or open preferences for an existing one.
-
In the Name field, enter a name of your choosing.
-
In the SAML URL field, enter your PingFederate SSO endpoint. For example,
https://pf_host:pf_port/idp/SSO.saml2
. -
In the SAML Issuer URL field, enter the PingFederate SAML 2.0 Entity ID that you set in Enabling provisioning and single sign-on in PingFederate.
-
In the SAML Certificate field, paste the contents of the
***********.crt
file that you exported from PingFederate. -
Click Test SSO. Resolve any issues that are reported, and then click Save.