Adding Amazon Web Services to the PingOne application portal - PingOne - PingOne Cloud Platform

PingOne Cloud Platform

PingOne Cloud Platform
PingOne Cloud Platform
Product documentation
Guide > Administrator Guide

Use the application catalog to add Amazon Web Services (AWS)Amazon Web Services (AWS)AWS An Amazon subsidiary providing cloud computing platforms. to your application portal.

  1. In PingOne, go to Applications > Application Catalog.
  2. In the Search for applications field, enter Amazon Web Services.
  3. Click the Amazon Web Services entry to open the details panel.
  4. Review the following:
    • Name. Enter a new name to replace the default application name (optional).
    • Icon. Select a new image to replace the default application icon (optional).
    • Entity ID. The field is pre-populated with the correct value for AWS.
  5. Click Next.
  6. On the Map Attributes page, review the AWS to PingOne attribute mappings.

    Common attributes are pre-populated with the SAMLSAML (Security Assertion Markup Language) A standard, XML-based, message-exchange framework enabling the secure transmittal of authentication tokens and other user attributes across domains. subject, the SAML role session name, and the SAML session duration. You must map any required attributes before you can continue.

    To change an attribute mapping Enter or select a new attribute in the PingOneMappings list.
    To add an attribute Click + Add. Enter the appropriate attribute mappings. To use the expression builder, or to map the attribute to a literal string value, click the Gears icon. For more information, see Using the expression builder.
    To designate the attribute as required Select the Required check box.
    To delete an attribute mapping Click the Delete icon.
  7. Click Next.
  8. For Select Groups, enter the name of the groups that you want to have access to the application.

    By default, all users have access to the application. Assigning groups restricts application access to only those groups.

  9. Click Save.

    The application is now configured for PingOne. You might have to perform additional configuration on the application side.

To see applications that have already been configured, click the Configured tab on the Application Catalog page.

On the Connection Details page, you can download or copy metadata required by the application for single sign-on (SSO)single sign-on (SSO)sso The process of authenticating an identity (signing on) at one website (usually with a user ID and password) and then accessing resources secured by other domains without re-authenticating. configuration.

This information includes:

  • PingOne metadata
  • The PingOne signing certificate
  • The PingOne Issuer ID URLURLURL (Uniform Resource Locator) Identifies a resource according to its Internet location.
  • The PingOne SSO Service URL
  • The PingOne identity provider (IdP)identity provider (IdP)IdP A service that manages identity information and provides authentication services to relying clients or service providers (SPs) within a federated or distributed network. Metadata URL
  • The PingOne Initiate SSO URL

After you configure the application, you can manage it at Applications > Applications . For more information about advanced settings, see Editing an application.