PingOne SSO for SaaS Apps has several ways to connect customers to your application.
To connect a customer to your application, you first choose a connection method. When the customer has accepted the connection, you edit the connection to assign additional settings and verify or reconfigure the existing settings.
Choose the appropriate connection method for your application:
- SSO Self-Service widget
- Adding the
single sign-on (SSO)Self-Service widget is the easiest way to add customer connections to your Application Catalog app. For more information, see Application Catalog app connection. single sign-on (SSO) sso The process of authenticating an identity (signing on) at one website (usually with a user ID and password) and then accessing resources secured by other domains without re-authenticating.
- Email Invitation
- You can send you customer an invitation email containing a link to PingOne for Enterprise to provide their SSO information. This is the best option if you can't use the Self-Service widget. For more information, see Creating an invited SSO connection.
- Customer Connection REST API
- If you want your customers to provide their information directly to your application without ever visiting PingOne for Enterprise, you can add connections using the Customer Connection REST API. You should only use the Customer Connection API in cases where sending the customer's administrative user to the PingOne for Enterprise portal isn't a viable option. For more information, see Application Catalog app connection.
- Manual SAML connection
- You can add customer connections manually. You should only choose this method in
circumstances, such as:
- Your customer prefers that you manage their connection to your application.
- A direct SAML connection to your application is all that your customer needs.
- You anticipate connecting to a limited number of customers.
- Your customer is not using PingOne for Enterprise.
See Direct SAML connection for more information.
- Configure a private application for a managed partner account
- If you have a PingOne SSO for SaaS Apps with Managed Accounts license, you can create a private connection for your partner accounts. After entering a partner account and adding an application, you'll configure the application connection from within the partner's account, rather than from your PingOne SSO for SaaS Apps account. For more information, see Connect an application for a partner account.
- PingOne Invited SSO
- Invited SSO accounts are PingOne for Enterprise accounts designed
specifically for your customers who already have an
identity provider (IdP)set up and want to handle the application connection themselves. They can then use their Invited SSO account to add the connection to your application and configure an identity bridge to their IdP. For more information, see Invited SSO. identity provider (IdP) IdP A service that manages identity information and provides authentication services to relying clients or service providers (SPs) within a federated or distributed network.