Create an SP connection in PingFederate using the policy contract created in the previous task.

  1. Go to Applications > Integration > SP Connections and then click Create Connection.
  2. On the Connection Template tab, select whether to use a template for this connection, and then click Next.
  3. On the Connection Type tab, select the Browser SSO Profiles check box, and from the Protocol list, select SAML 2.0. Click Next.
  4. On the Connection Options tab, select the option that applies to the connection, and then click Next.
  5. On the Import Metadata tab, import metadata from a file or URL if desired. Click Next.
  6. On the General Info tab, complete the Partner's Entity ID and Connection Name fields, and then click Next.
  7. On the Browser SSO tab, click Configure Browser SSO, and then select the applicable SSO profiles. Click Next.
  8. On the Assertion Lifetime tab, configure the assertion lifetime and then click Next.
  9. On the Assertion Creation tab, click Configure Assertion Creation.
  10. On the Identity Mapping tab, select the type of name identifier that you will send to the SP, and then click Next.
  11. On the Attribute Contract tab, extend the contract if desired. Click Next.
  12. On the Authentication Source Mapping tab, click Map New Authentication Policy.
  13. From the Authentication Policy Contract list, select the policy contract you created in step 1. Click Next.
  14. On the Mapping Method tab, choose to retrieve additional values from your data stores if desired. Click Next.
  15. On the Attribute Contract Fulfillment tab, from the Source list, select Authentication Policy Contract.
  16. From the Value list, select a value from the authentication policy contract and then click Next.
  17. On the Issuance Criteria tab, configure conditional authorization if desired, and then click Next.
  18. On the Summary tab, click Done.
  19. Click Next and Done until you reach the Protocol Settings tab. Click Configure Protocol Settings.
  20. On the Assertion Consumer Service URL tab, from the Binding list, select a binding, and in the Endpoint URL field, enter the endpoint URL. Click Add and then click Next.
  21. Click Next until you reach the Credentials tab, configuring the desired settings.
  22. On the Credentials tab, click Configure Credentials.
  23. On the Digital Signature Settings tab, from the Signing Certificate list, select a signing certificate. Click Next and Done until you reach the Activation & Summary tab.
  24. Click Save.