To complete the integration, import the metadata file from NGFW and finish the service provider (SP) configuration in PingFederate.
-
Create an SP in PingFederate, and import the
NGFW metadata file.
-
In the PingFederate administrative
console, go to Applications > Integration > SP Connections, and then click Create
Connection.
- On the Connection Template tab, select Do Not Use a Template for This Connection, and then click Next.
- On the Connection Type tab, select the Browser SSO Profiles check box, and select SAML 2.0 from the Protocol list. Click Next.
- On the Connection Options tab, accept the default election and click Next.
-
On the Import Metadata tab, select the
File check box and then click
Choose File. Select the NGFW metadata file
from step 4 of Configuring
a SAML Integration with PingFederate in NGFW, and then click
Next.
- On the Metadata Summary tab, ensure the imported EntityID field is correct, and then click Next.
-
On the General Info tab, review the imported
Base URL field, and then click
Next.
-
On the Browser SSO tab, click
Configure Browser SSO.
-
On the SAML Profiles tab, select the
SP-Initiated SSO check box, and then click
Next.
- On the Assertion Lifetime tab, accept the default values and click Next.
-
On the Assertion Creation tab, click
Configure Assertion Creation.
- Click Next until you reach the Authentication Source Mapping tab, accepting the default values.
-
On the Authentication Source Mapping tab, an
Adapter Instance or Authentication Policy Contract must exist. Click
Map New Adapter Instance.
-
On the Adapter Instance tab, select
HTML Form Adapter from the Adapter
Instance list, and then click
Next.
- On the Mapping Method tab, accept the default values and click Next.
-
On the Attribute Contract Fulfillment tab,
select Adapter from the
Source list and select
username from the
Value list. Click
Next.
-
In the PingFederate administrative
console, go to Applications > Integration > SP Connections, and then click Create
Connection.