1. In the ACS URL field, enter the assertion consumer service (ACS) URL.
    Note: The default ACS URL is pre-populated, and should work for most ADP Workforce Now connections.
  2. In the Entity ID field, enter the Entity ID.
    The default Entity ID is pre-populated, and should work for most ADP Workforce Now connections.
  3. In the Target Resource field, enter a URL to redirect the user to after IdP-initiated single sign-on (SSO).
    The default URL is pre-populated, and should work for most ADP Workforce Now connections.
  4. In the Single Logout Endpoint field, enter a URL for PingOne to send single logout (SLO) requests to.
  5. In the Single Logout Response Endpoint field, enter a URL for PingOne to send SLO responses to.
  6. On the Primary Verification Certificate line, click Browse to locate and upload a local certificate file used to verify SLO requests and responses.
  7. On the Secondary Verification Certificate line, click Browse to locate and upload a local certificate used to verify SLO requests and responses if the primary certificate fails.
  8. Select the Force Re-authentication check box to require your identity bridge to re-authenticate users with an active SSO session.
  9. Select the Encrypt Assertion box to encrypt outgoing SAML assertions.
  10. On the Signing line:
    • Click Sign Assertion to have PingOne sign outgoing SAML assertions. This is the default option.
    • Click Sign Response to have PingOne sign responses to incoming SAML assertions.
  11. From the Signing Algorithm list, select an algorithm with which to sign SAML assertions.
  12. Select the Use Custom URLcheck box to enter a customer URL to launch ADP Workforce Now from the dock.
Click Continue to Next Step.