Page created: 1 Jul 2021
|
Page updated: 14 Dec 2021
| 4 min read
PingOne for Enterprise Product Single Sign-on (SSO) Capability SAML Standards, specifications, and protocols
Learn how to configure SAML SSO with Dropbox and PingOne for Enterprise.
-
Create a PingOne for Enterprise application for Dropbox:
- Sign on to PingOne for Enterprise and click Applications.
-
On the SAML tab, click Add
Application.
- Click Search Application Catalog and search for Dropbox.
-
Click the Dropbox row.
- Click Setup.
- Select the appropriate signing certificate.
-
Review the steps, and note the PingOne for Enterprise
SaaS ID, IdP ID,
Initiate Single Sign-on (SSO) URL, and
Issuer values.
- Click Continue to Next Step.
-
Ensure ACS URL is set to
https://www.dropbox.com/saml_login and
Entity ID is set to
Dropbox.
- Click Continue to Next Step.
-
In the Attribute Mapping section, in the
Identity Bridge Attribute or Literal Value
column of the SAML_SUBJECT row, select the
attribute SAML_SUBJECT.
- Click Continue to Next Step.
-
Update the Name,
Description, and
Category fields as required.
- Click Continue to Next Step.
- Add suitable user groups for the application.
-
Click Continue to Next Step.
-
Review the settings.
-
Copy the Single Sign-On (SSO) URL value to a
temporary location.
This is the IdP-initiated SSO URL that you can use for testing.
- On the Signing Certificate row, click Download You will use this for the Dropbox configuration.
- On the SAML Metadata row, click Download. You will use this for the Dropbox configuration.
- Click Finish.
-
Configure a PingOne for Enterprise IdP connection for Dropbox:
-
Sign on to the Dropbox Admin Console as an administrator.
- Click Settings.
-
Click the Single sign-on section.
-
For Single sign-on, select
Required.
-
In the Identity provider sign-in URL field,
enter the URL Location for SingleSignOnService
Location value that you retrieved from the PingOne for Enterprise SP
metadata that you downloaded.
For example, https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=<idpid>
- Upload the PingOne for Enterprise signing certificate that you downloaded.
- Click Save.
-
Sign on to the Dropbox Admin Console as an administrator.
-
To test the PingOne for Enterprise IdP-initiated SSO integration, go to the
Single Sign-On (SSO) URL in the PingOne for Enterprise Application
configuration to perform IdP-initiated SSO.
https://sso.connect.pingidentity.com/sso/sp/initsso?saasid=<saasid>&idpid=<idpid>