Managing PingOne for Enterprise settings
You can configure PingOne for Enterprise’s general settings and single sign-on (SSO) settings, and enable and configure a RADIUS server to integrate PingID with a VPN.
About this task
Go to System → External Systems → PingOne for Enterprise Settings, configure various PingOne for Enterprise integration settings and optionally enable and configure a built-in RADIUS server to integrate PingID with your VPN.
Configuring PingOne for Enterprise settings
To configure the PingOne for Enterprise settings, adjust the various integration settings.
Steps
-
Go to System → PingOne for Enterprise Settings.
-
Configure the PingOne for Enterprise integration settings. For more information, see the following table.
Field Description Enable Single Sign-On from PingOne to the PingFederate Administrative Console
Toggles the ability to sign on to the administrative console using the PingOne admin portal credentials.
Enable Monitoring of PingFederate from PingOne
Toggles the ability to monitor your PingFederate server (or servers in a clustered environment) from the PingOne admin portal
Rotate Key
Update the authentication key that PingFederate uses to communicate with PingOne for Enterprise.
Periodic rotation can ensure optimal security of your environment. +
PingFederate also automatically rotates the signing certificate used by the managed service provider (SP) connection. For more information, see Managed SP connection to PingOne for Enterprise and signing certificate.
Launch PingOne Admin Portal
Use to access the PingOne admin portal.
Disconnect from PingOne
Use to disconnect PingFederate from your PingOne account.
This is applicable if you have made changes that you should not propagate to your PingOne for Enterprise account.
For instance, you have two PingFederate environments, testing and production. The production PingFederate server is configured with a managed SP connection to PingOne for Enterprise, but the PingFederate test server is not. You have just exported a configuration archive from the production server and imported it to the test server. As soon as the configuration archive is imported, the administrative console prompts you to decide whether to update PingOne for Enterprise or to disconnect from PingOne for Enterprise. In this example, you should disconnect the test server from PingOne for Enterprise so that nothing is uploaded to your PingOne for Enterprise account from the test server.
-
Save your configuration.
Configuring PingOne for Enterprise SSO settings
About this task
Use PingOne for Enterprise to enable single sign-on (SSO) and upload configuration changes to your account.
Steps
-
To enable single sign-on (SSO) through PingOne for Enterprise, click Identity Repository Configuration.
This is applicable if you have not yet completed the PingOne SSO configuration in the past, which would have created a managed service provider (SP) connection to PingOne for Enterprise.
-
To upload configuration changes to your PingOne account, go to the PingOne for Enterprise settings window and select Update PingOne Identity Repository, then confirm your decision.
This is applicable if you have made changes that you should propagate to your PingOne for Enterprise account.
For example, you are about to set up a new SAML application on PingOne for Enterprise that requires a telephone number of the user. Because the current attribute contract in the managed SP connection does not include an attribute for telephone number, you extend the attribute with a new attribute,
PrimaryTelephone. After the connection is saved, the administrative console prompts you to decide whether to update PingOne for Enterprise or to disconnect from PingOne for Enterprise. In this example, you should upload the new configuration to PingOne for Enterprise so that the newPrimaryTelephoneattribute is made available when you set up the new SAML application in PingOne for Enterprise.
Enabling and configuring the built-in RADIUS server to integrate PingID with your VPN
About this task
Use the PingID VPN (RADIUS) configuration wizard to merge PingID with your own VPN.
Steps
-
Click PingID Configuration to open the PingID VPN (RADIUS) configuration wizard.
This is applicable if you have not completed the PingID VPN (RADIUS) configuration in the past, which would have created a PingID provisioning connection, an instance of the PingID password credential validator (PCV), or both.
-
Use the wizard to configure the server.