Page created: 26 May 2021
|
Page updated: 14 Dec 2021
Learn how to enable Coupa sign on from a PingFederate URL (IdP-initiated sign on) and direct Coupa sign on using PingFederate (SP-initiated sign on).
- Configure PingFederate to authenticate against an IdP or datastore containing the users requiring application access.
- Populate Coupa with at least one user to test access.
- You must have administrative access to PingFederate and Coupa.
-
Download the Coupa metadata:
- Sign on to your Coupa Admin organization as an administrator.
- Go to https://<your_site>.coupahost.com/administration/security.
- Select the Sign in using SAML check box.
- Click the Download and import SP metadata link.
- Save the Coupa metadata.
-
Create a PingFederate SP
connection for Coupa:
-
Add the PingFederate IdP
Connection to Coupa:
- Sign on to your Coupa Admin organization as an administrator.
- Go to https://<your_site>.coupahost.com/administration/security.
- Make sure that the Sign in using SAML check box is selected.
- In the Upload IdP metadata section, click Choose File.
- Select the PingFederate metadata file and import it.
- In the Certificate field, upload the PingFederate signing certificate.
- Click Save.
- Click the Users tab and edit the users who will use SAML authentication.
- Set Single Sign-On ID to the value users will use to sign on, for example, their email address.
- Set Authentication method to SAML.
- Click Save.
-
Test the PingFederate
IdP-initiated SSO integration:
-
Test the PingFederate
SP-initiated SSO integration: