Adding Bomgar to Your PingOne for Enterprise Dock
Add the Bomgar application your PingOne for Enterprise dock from the application catalog.
Steps
-
In the PingOne for Enterprise admin console, go to Applications → Application Catalog.
-
Optional: In the Search field, search for the application.
-
Click the Bomgar application line to expand it and then click Setup.
-
On the SSO Instructions tab, click Download to download the signing certificate.
-
In the Bomgar admin interface, go to Users & Security → Security Providers → Add a SAML Provider.
-
In the Bomgar admin interface:
-
In the Name field, enter a name for the connection.
-
Select the Enabled check box to activate the connection.
-
In the Entity ID field, enter the Issuer value from the SSO Instructions tab in PingOne.
-
In the Single Sign-On Service URL field, enter the Initiate Single Sign-On URL value from the SSO Instructions tab in PingOne.
-
In the Certificate section, click Choose File and upload the signing certificate you downloaded previously.
-
-
In the Bomgar admin interface, click Download Service Provider Metadata.
Next steps
In PingOne for Enterprise, click Continue to Next Step.
Bomgar Connection Configuration
Steps
-
In PingOne for Enterprise, import the metadata for Bomgar:
Choose from:
-
Click Select File to upload the metadata file.
-
Click Or use URL to enter the URL of the metadata.
-
-
In the ACS URL field, enter the value from the Assertion Consumer Service URL field in the Bomgar admin interface.
-
In the Entity ID field, enter the value from the Entity ID field in the Bomgar admin interface.
-
In the Target Resource field, enter a URL to redirect the user to after IdP-initiated single sign-on (SSO).
-
In the Single Logout Endpoint field, enter a URL for PingOne to send single logout (SLO) requests to.
-
In the Single Logout Response Endpoint field, enter a URL for PingOne to send SLO responses to.
-
On the Primary Verification Certificate line, click Browse to locate and upload a local certificate file used to verify SLO requests and responses.
-
On the Secondary Verification Certificate line, click Browse to locate and upload a local certificate used to verify SLO requests and responses if the primary certificate fails.
-
Select the Force Re-authentication check box to require your identity bridge to re-authenticate users with an activeSSO session.
-
Select the Encrypt Assertion check box to encrypt outgoing SAML assertions.
-
On the Signing line:
Choose from:
-
Click Sign Assertion to have PingOne sign outgoing SAML assertions. This is the default option.
-
Click Sign Response to have PingOne sign responses to incoming SAML assertions.
-
-
From the Signing Algorithm list, select an algorithm with which to sign SAML assertions.
-
Select the Use Custom URL check box to enter a customer URL to launch Bomgar from the dock.
Next steps
Click Continue to Next Step.
Bomgar Attribute Mapping
About this task
PingOne for Enterprise will automatically populate requested SAML attributes.
For Bomgar, the populated attributes are:
-
SAML_SUBJECT
. Maps to a unique value.-
Click Advanced.
-
From the Name ID Format to send to SP list, select urn:oasis:names:tc:SAML:2.0:nameid-format:persistent.
-
Click Save to apply this format.
-
-
Username
. Map toEmail
. -
Email
. Map toEmail
. -
FirstName
. Map toFirstName
. -
LastName
. Map toLast Name
. -
Groups
. Map tomemberOf
.
Steps
-
To add an additional optional attribute, click Add new attribute.
-
In the Application Attribute field, enter the attribute name as it appears in the application.
-
In the Identity Bridge Attribute or Literal Value field, choose one of the following:
Choose from:
-
To map to the application attribute: Enter or select a directory attribute.
-
To assign to the application attribute: Select As Literal, then enter a literal value.
-
-
To create advanced attribute mappings, click Advanced.
For more information, see Create advanced attribute mappings.
Next steps
Click Continue to Next Step.
Bomgar Customization
Steps
-
To change the application icon, click Select image and upload a local image file.
The image file must be:
-
PNG, GIF, or JPG format
-
312 x 52 pixels maximum
-
2 MB maximum file size
Images are scaled to 64 x 64 pixels for display.
-
-
To change the name of the application displayed on the dock, in the Name field, enter a new name.
-
To change the description of the application, in the Description field, enter the new description text.
-
To change the category to which the application is assigned on the dock, in the Category list, select a category.
For information about creating custom application categories, see Creating a custom application category.
Next steps
Click Continue to Next Step.
Bomgar Group Access
About this task
The Group Access tab shows every user group that you have created.
For more information about creating user groups, see Add user groups.
Steps
-
To add a group’s access to the application, on the line for that group, click Add.
-
To remove a group’s access, on the line for that group, click Remove.
-
When you’re finished assigning groups, click Continue to Next Step.
Bomgar SAML connection
Steps
-
In PingOne for Enterprise, on the Review Setup tab, click Download to download the SAML metadata file.
-
Click Finish to add Bomgar to your PingOne Dock.
-
In the Bomgar admin interface, on the Identity Provider Settings tab, click Choose File and upload the PingOne metadata file.
-
Click Save Changes to activate the connection to PingOne.