On the System > PingOne for Enterprise Settings screen, configure various PingOne® for Enterprise integration settings and optionally enable and configure a built-in RADIUS server to integrate PingID® with your VPN.

Configure PingOne for Enterprise settings

  • To toggle the ability to sign on to the administrative console using the PingOne admin portal credentials, select or clear the Enable Single Sign-On from PingOne to the PingFederate Administrative Console check box.
  • To toggle the ability to monitor your PingFederate server (or servers in a clustered environment) from the PingOne admin portal, select or clear the Enable Monitoring of PingFederate from PingOne check box.
  • To update the authentication key that PingFederate uses to communicate with PingOne for Enterprise, click Rotate Key.

    Periodic rotation can ensure optimal security of your environment.

    It is worth noting that PingFederate also automatically rotates the signing certificate used by the managed SP connection. For more information, see Managed SP connection to PingOne for Enterprise and signing certificate.

  • To access the PingOne admin portal, click Launch PingOne Admin Portal.
  • To disconnect PingFederate from your PingOne account, click Disconnect from PingOne and then confirm your decision.

    Applicable if you have made changes that should not be propagated to your PingOne for Enterprise account.

    For instance, you have two PingFederate environments: testing and production. The production PingFederate server is configured with a managed SP connection to PingOne for Enterprise. The test PingFederate server is not. You have just exported a configuration archive from the production server and imported it to the test server. As soon as the configuration archive is imported, the administrative console prompts you to decide whether to update PingOne for Enterprise or to disconnect from PingOne for Enterprise. In this example, you should disconnect the test server from PingOne for Enterprise so that nothing will be uploaded to your PingOne for Enterprise account from the test server.

Configure PingOne for Enterprise SSO settings

  • To enable SSO via PingOne for Enterprise, click Identity Repository Configuration.

    Applicable if you have not yet completed the PingOne SSO configuration in the past, which would have created a managed SP connection to PingOne for Enterprise.

  • To upload configuration changes to your PingOne account, click Update PingOne Identity Repository and then confirm your decision.

    Applicable if you have made changes that should be propagated to your PingOne for Enterprise account.

    For example, you are about to set up a new SAML application on PingOne for Enterprise that requires a telephone number of the user. Because the current attribute contract in the managed SP connection does not include an attribute for telephone number, you extend the attribute with a new attribute, PrimaryTelephone. Once the connection is saved, the administrative console prompts you to decide whether to update PingOne for Enterprise or to disconnect from PingOne for Enterprise. In this example, you should upload the new configuration to PingOne for Enterprise so that the new PrimaryTelephone attribute becomes available when you set up the new SAML application in PingOne for Enterprise.

Enable and configure the built-in RADIUS server to integrate PingID with your VPN

  • Click PingID Configuration to open the PingID VPN (RADIUS) configuration wizard.

    Applicable if you have not yet completed the PingID VPN (RADIUS) configuration in the past, which would have created a PingID provisioning connection, an instance of the PingID PCV, or both.