1. In PingOne, go to Connections > Application Catalog.
  2. In the Search for applications field, enter Amazon Web Services.
  3. Click the Amazon Web Services entry to open the details panel.
  4. Review the following:
    • Name. Enter a new name to replace the default application name (optional).
    • Icon. Select a new image to replace the default application icon (optional).
    • Entity ID. The field is pre-populated with the correct value for AWS.
  5. Click Next.
  6. On the Map Attributes page, review the AWS to PingOne attribute mappings.
    Note:

    Common attributes are pre-populated with the SAML subject, the SAML role session name, and the SAML session duration. You must map any required attributes before you can continue.

    OptionDescription
    To change an attribute mapping Enter or select a new attribute in the PingOneMappings list.
    To add an attribute Click + Add. Enter the appropriate attribute mappings. To use the expression builder, or to map the attribute to a literal string value, click the Gears icon. For more information, see Using the expression builder.
    To designate the attribute as required Select the Required check box.
    To delete an attribute mapping Click the Delete icon.
  7. Click Next.
  8. For Select Groups, enter the name of the groups that you want to have access to the application.
    Note:

    By default, all users have access to the application. Assigning groups restricts application access to only those groups.

  9. Click Save.

    The application is now configured for PingOne. You might have to perform additional configuration on the application side.

To see applications that have already been configured, click the Configured tab on the Application Catalog page.

On the Connection Details page, you can download or copy metadata required by the application for single sign-on (SSO) configuration.

This information includes:

  • PingOne metadata
  • The PingOne signing certificate
  • The PingOne Issuer ID URL
  • The PingOne SSO Service URL
  • The PingOne identity provider (IdP) Metadata URL
  • The PingOne Initiate SSO URL

After you configure the application, you can manage it at Connections > Applications . For more information about advanced settings, see Editing an application.