To configure Workplace from Facebook for single sign-on (SSO), you require the following details from PingFederate.
  • SAML URL, such as https://pf_host:pf_port/idp/SSO.saml2
  • SAML 2.0 Entity ID that you set in
  • SAML certificate

The following section describes the steps to configure SSO in Workplace from Facebook. For more information, see Single Sign On Authentication in the Workplace from Facebook documentation.

  1. In PingFederate, export your signing certificate.
    1. On the PingFederate admin console, go to Security > Signing & Decryption Keys & Certificates.
    2. For the certificate that you want to use, in the Action column, click Export.
    3. On the Export Certificate tab, click Next.
    4. On the Export & Summary tab, click Export.
    5. Open the ***********.crt file in a text editor and copy the contents.
  2. Sign onto Workplace from Facebook as an administrator.
  3. Go to Admin Panel > Security.
  4. On the Authentication tab, select the Single-sign on (SSO) check box.
  5. If you want to prevent users from signing on without SSO, clear the Password check box.
  6. In the SSO Providers section, click Add new SSO Provider or open preferences for an existing one.
  7. In the Name field, enter a name of your choosing.
  8. In the SAML URL field, enter your PingFederate SSO endpoint. For example, https://pf_host:pf_port/idp/SSO.saml2.
  9. In the SAML Issuer URL field, enter the PingFederate SAML 2.0 Entity ID that you set in .
  10. In the SAML Certificate field, paste the contents of the ***********.crt file that you exported from PingFederate.
  11. Click Test SSO. Resolve any issues that are reported, and then click Save.