When enabling single sign-on (SSO) in the target service, you will require some or all of the following information from PingFederate.
Metadata file
Some target services allow you to import a SAML metadata file that contains some of the information below. For help exporting your metadata file, see Metadata export in the PingFederate documentation.
SAML endpoint
The PingFederate SAML endpoint
is:
https://<pf_hostname>:<pf_port>/idp/SSO.saml2
Identity provider issuer
This is SAML 2.0 Entity ID from PingFederate, which can be found under the Server Settings page. For more information, see Specifying federation information.
Tip: In order to override SAML 2.0 Entity
ID on the Server Settings page for your SP Connection, navigate to the General Info
screen to add a Virtual Server ID. This value will be sent as the SAML Issuer
URL.
Signing certificate
This is the public signing certificate that PingFederate uses to sign the SAML assertion. For help exporting your certificate, see Managing digital signing certificates and decryption keys.