PingOne will automatically populate required SAML attributes.

For Amazon Managed Grafana, the required attributes are:

  • SAML_SUBJECT
  • mail
  • givenName
Note:

You must set SAML_SUBJECT to Name ID format: urn:oasis:names:tc:SAML:2.0:nameid-format:transient

  1. In the Application Attribute field, enter the attribute name as it appears in the application.
  2. In the Identity Bridge Attribute or Literal Value field, choose one of the following:
    • Enter or select a directory attribute to map to the application attribute.
    • Select As Literal, then enter a literal value to assign to the application attribute.
  3. Optional: To create advanced attribute mappings, click Advanced.
    Screen capture of PingOne SSO Attribute Mapping section with SAML_SUBJECT, mail, and displayName listed as Application Attributes.
  4. Click Continue to Next Step.