Creating a connection - PingFederate

Page created: 5 Oct 2020 |

Page updated: 15 Mar 2023

| 2 min read

Product PingFederate Integration Amazon Amazon Web Services Language English Integration Content Type Product documentation Audience Administrator

To allow PingFederate to act as an identity provider and manage users in AWS IAM Identity Center, create a service provider (SP) connection.

In the PingFederate administrator console, create a new SP connection:
- For PingFederate 10.1 or later: go to Applications > Integration > SP Connections. Click Create Connection.
- For PingFederate 10.0 or earlier: go to Identity Provider > SP Connections. Click Create Connection.
Configure the basic connection details with the AWS IAM Identity Center quick connection template.
1. On the Connection Template tab, select Use a template for this connection.
2. From the Connection Template list, select AWS SSO Cloud Connector.
3. On the Metadata File row, upload the sp-saml-metadata.xml file that you saved in Registering PingFederate as an identity provider in AWS Single Sign-On. Click Next.
4. On the Connection Type tab select Browser SSO Profiles and Outbound Provisioning. Click Next.
5. On the Connection Options tab, click Next.
6. On the General Info tab, in the Connection Name field, enter a name of your choosing. Click Next.
On the Browser SSO tab, configure your assertion creation settings and customize the defaults set by the metadata file.
For help, see Configuring IdP Browser SSO in the PingFederate documentation.
On the Credentials tab, configure the connection credentials as shown in Configuring credentials in the PingFederate documentation. Click Next.
On the Outbound Provisioning tab, configure provisioning with the following details.
For help, see Configuring outbound provisioning in the PingFederate documentation.
1. On the Target tab, complete the SCIM URL and Access Token fields with the values that you noted in Registering PingFederate as an identity provider in AWS Single Sign-On.
2. Under Provisioning Options, customize the provisioning connector behavior by referring to Provisioning options reference. Click Next.
3. On the Manage Channels > Attribute Mapping tab, at the bottom of the attribute list, click Refresh Fields to get fields and specifications from your AWS IAM Identity Center site. Complete the attribute mappings by referring to Supported attributes reference.
  For help, see Managing channels in the PingFederate documentation.
On the Activation and Summary tab, above the Summary section, click the toggle to turn on the connection. Click Save.