Learn how to configure SAML single sign-on (SSO) with Freshworks and PingOne.
You must have a Business level or higher plan in Freshworks. For more information, see https://support.freshworks.com/support/solutions/articles/237923.
-
Configure SSO in Freshworks:
-
Sign on to your Freshworks Admin account homepage and go to the
Security tab.
-
On the Security Settings page, in the
Default Login Methods section, click the
right arrow.
-
On the corresponding Login Methods page, click
the SSO Login toggle.
The Configure SSO panel opens.
-
On the Configure SSO panel, in the
IdP of your choice section, click
SAML.
-
On the Set up SSO with SAML page, in the
Map information in IdP section, note the
Assertion Consumer Services (ACS) URL and
Service Provider (SP) Entity ID values, and
click Download Metadata.
-
Sign on to your Freshworks Admin account homepage and go to the
Security tab.
-
Configure SSO in PingOne:
- In PingOne, go to Connections > Applications.
-
Click the + icon next to
Applications.
Important:
You will use the settings displayed on Step 1.e. to begin configuring Freshworks within PingOne.
- On the New Application page, click Advanced Configuration.
-
In the Choose Connection Type list, on the
SAML line, click
Configure.
-
In Create App Profile, enter the values
for:
- Application Name (Required)
- Description (Optional)
- Icon (Optional)
-
On the Configure SAML Connection page, in
the Provide App Metadata section, click
Import Metadata and upload the metadata
downloaded previously. Click Import.
After import, all necessary fields will auto populate except for the Assertion Validity Duration.
- In the Assertion Validity Duration field, enter a valid duration value (in seconds), such as 3600.
-
In the Signing Key section, select
Download Signing Certificate and download in
the X509 PEM (.crt) format. Make sure that
Sign Assertion & Response is selected,
then click Save and Continue.
-
On the Attribute Mapping page, enter the values
for the following attributes:
- Email Address = saml_subject
- givenName
- LastName
- mobile
- phone
- Click Save and Close to finalize the creation of the application.
-
After you create the application, to enable it, click the toggle next
to the application.