Page created: 24 Jul 2019
|
Page updated: 8 Feb 2022
| 1 min read
Facebook Workplace by Facebook Other Documents Integrations Language English Integration Content Type Product documentation Audience Administrator
To enable single sign-on (SSO) to Workplace from Facebook, modify the provisioning connection that you created in Creating a provisioning connection.
-
On the PingFederate administrator console, open your existing SP
connection.
- For PingFederate 10.1 or later: go to Applications > Integration > SP Connections. Select your connection.
- For PingFederate 10.0 or earlier: go to Identity Provider > SP Connections. Select your connection.
- On the Connection Type tab select Browser SSO Profiles. Click Next.
-
On the Browser SSO tab, configure your SSO
settings.
- Go to Browser SSO > SAML Profiles and select only IdP-Initiated SSO and SP-Initiated SSO.
- Go to Browser SSO > Assertion Creation > Attribute Contract. For SAML_SUBJECT, select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress.
-
On the Authentication Policy Mapping tab, select
or create an authentication source that maps
SAML_SUBJECT
to an email attribute that matches the email addresses used in Workplace from Facebook.
For configuration help, see Configuring IdP Browser SSO in the PingFederate documentation.
-
On the Credentials tab, configure the connection
credentials as shown in Configuring credentials in the
PingFederate documentation.
- On the Digital Signature Settings tab, from the Signing Certificate list, select the certificate that you want to use with Workplace from Facebook.
- On the Activation and Summary tab, above the Summary section, click the toggle to turn on the connection. Click Save.