Page created: 17 Mar 2020
|
Page updated: 14 Nov 2022
| 2 min read
Product PingOne for Enterprise Administration User task Product documentation Content Type Administrator Audience IDaaS Deployment Method Single Sign-on (SSO) Capability Managed service provider
Add the Salesforce application your PingOne for Enterprise Dock from the application catalog.
- In the PingOne for Enterprise admin console, go to Applications > Application Catalog.
- Optional: In the Search field, search for the application.
- Click the Salesforce application line to expand it, and then and click Setup.
- On the SSO Instructions tab, click Download to download the signing certificate.
- In a separate tab or window, sign on to the Salesforce admin portal.
- In Salesforce, go to Setup > Administer > Security Controls > Single Sign-On Settings.
- Select the SAML Enabled check box.
- In the Name field, enter a name for the connection to PingOne.
- In the Issuer field, enter the Issuer value from PingOne.
- On the Identity Provider Certificate line, click Browse to upload the signing certificate you downloaded in step 4.
- From the SAML Identity Type list, select Assertion contains User's salesforce.com username.
- From the SAML Identity Location list, select Identity is in the NameIdentifier element of the Subject Statement.
- In the API Name field, enter a unique name for the API.
-
In the Entity ID field, enter
https://saml.salesforce.com
If you have a Salesforce.com My Domain URL, you can enter it into this field instead.
- Optional: In the Identity Provier Login URL, enter https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=<IdP ID>, replacing <IdP ID> with the IdP ID value from PingOne.
- Optional: In the Identity provider Logout URL field, enter https://sso.connect.pingidentity.com/sso/terminatesession.aspx?page=https://www.salesforce.com.
- Optional:
In the Custom Error URL, enter a URL to redirect users
to when an error occurs.
If your identity bridge is AD Connect with IIS, you can enter https://<AD Connect IIS Server URL>/ADconnect/error.aspx.
-
Click Save.
Note:
Keep the Salesforce tab open, as you will need values from it for the next steps.