Enabling provisioning and single sign-on in PingFederate
To use PingFederate for provisioning and single sign-on, configure an external datastore and set a SAML entity ID.
About this task
Your external datastore acts as the source of data for provisioning. PingFederate also uses an internal datastore to store the state of synchronization between the source datastore and the target datastore.
For more information, see Datastores and Configuring outbound provisioning settings in the PingFederate documentation.
Enabling provisioning and single sign-on in PingFederate 10.1 or later
Steps
-
In the PingFederate administrative console, configure the datastore for PingFederate to use as the source of user data.
For help, see Datastores in the PingFederate documentation.
-
Go to System → Server → Protocol Settings → Federation Info.
-
In the SAML 2.0 Entity ID field, enter a name for PingFederate to use when identifying itself to SAML partners.
-
On the Outbound Provisioning tab, in the Provisioner Data Store list, select the internal database that will store the synchronization state. Click Save.
For more information, see Configuring outbound provisioning settings in the PingFederate documentation.
Enabling provisioning and single sign-on in PingFederate 10.0 or earlier
Steps
-
In the PingFederate administrative console, configure the datastore for PingFederate to use as the source of user data.
For help, see Datastores in the PingFederate documentation.
-
Go to System → Protocol Settings → Roles & Protocols.
-
Select the Enable Identity Provider IdP Role and Support the Following check box.
-
Select the SAML 2.0 and Outbound Provisioning check boxes. Click Next.
-
Click the Federation Info tab.
-
In the SAML 2.0 Entity ID field, enter a name for PingFederate to use to identify itself to SAML partners.
-
On the Outbound Provisioning tab, in the Provisioner Data Store list, select the internal database that will store the synchronization state. Click Save.
For more information, see Configuring outbound provisioning settings in the PingFederate documentation.