Page created: 1 Jul 2021
|
Page updated: 14 Dec 2021
| 4 min read
PingOne for Enterprise Product Single Sign-on (SSO) Capability SAML Standards, specifications, and protocols
Learn how to configure SAML SSO with Dropbox and PingOne for Enterprise.
-
Create a PingOne for Enterprise application for Dropbox:
- Sign on to PingOne for Enterprise and click Applications.
- On the SAML tab, click Add Application.
- Click Search Application Catalog and search for Dropbox.
- Click the Dropbox row.
- Click Setup.
- Select the appropriate signing certificate.
- Review the steps, and note the PingOne for Enterprise SaaS ID, IdP ID, Initiate Single Sign-on (SSO) URL, and Issuer values.
- Click Continue to Next Step.
- Ensure ACS URL is set to https://www.dropbox.com/saml_login and Entity ID is set to Dropbox.
- Click Continue to Next Step.
- In the Attribute Mapping section, in the Identity Bridge Attribute or Literal Value column of the SAML_SUBJECT row, select the attribute SAML_SUBJECT.
- Click Continue to Next Step.
- Update the Name, Description, and Category fields as required.
- Click Continue to Next Step.
- Add suitable user groups for the application.
- Click Continue to Next Step.
- Review the settings.
-
Copy the Single Sign-On (SSO) URL value to a
temporary location.
This is the IdP-initiated SSO URL that you can use for testing.
- On the Signing Certificate row, click Download You will use this for the Dropbox configuration.
- On the SAML Metadata row, click Download. You will use this for the Dropbox configuration.
- Click Finish.
-
Configure a PingOne for Enterprise IdP connection for Dropbox:
- Sign on to the Dropbox Admin Console as an administrator.
- Click Settings.
- Click the Single sign-on section.
- For Single sign-on, select Required.
-
In the Identity provider sign-in URL field,
enter the URL Location for SingleSignOnService
Location value that you retrieved from the PingOne for Enterprise SP
metadata that you downloaded.
For example, https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=<idpid>
- Upload the PingOne for Enterprise signing certificate that you downloaded.
- Click Save.
-
To test the PingOne for Enterprise IdP-initiated SSO integration, go to the
Single Sign-On (SSO) URL in the PingOne for Enterprise Application
configuration to perform IdP-initiated SSO.
https://sso.connect.pingidentity.com/sso/sp/initsso?saasid=<saasid>&idpid=<idpid>
-
Test the PingOne for Enterprise SP-initiated SSO integration configuration:
- Go to https://www.dropbox.com/login.
-
Enter your email address.
Dropbox automatically detects that single sign-on is enabled based on the email used.
-
Click Continue.
You're redirected to PingOne for Enterprise for authentication.