Configuring SAML integration with PingFederate in Pulse Connect Secure
Steps
- In the Pulse Connect Secure administrative interface, go to System → Configuration → SAML.
- Click New Metadata Provider.
- Configure the new metadata provider:
  - In the Name field, enter a name.
  - In the Location field, select Local.
  - In the Upload Metadata File field, click Browse and import the metadata file you saved in Exporting the SAML Metadata from PingFederate with PingFederate.
  - In the Signing Certificate field, click Browse and select the certificate file you saved in the previous topic Exporting the signing certificate from PingFederate.
  - In the Roles field, select the Identity Provider check box.
  - Click Save Changes.
- In the Pulse Connect Secure administrative interface, go to Authentication → Auth Servers.
- In the list, select SAML Server and then click New Server.
- Configure the new server:
  - Enter a Server Name.
  - For SAML Version, click 2.0.
  - For Configuration Mode, click Metadata.
  - In the Identity Provider Entity ID list, select the identity provider (IdP) that you created in the previous steps.
  - In the Identity Provider Single Sign On Service URL list, select the appropriate SSO URL.
  - In the SSO Method section, click POST.
  - In the Select Certificate list, select the signing certificate you created previously.
  - In the Metadata Validity field, enter any non-zero value.
    You must populate the Metadata Validity field even though it won’t be used.
  - Select the Do Not Publish Connect Secure Metadata check box.
  - Click Save Changes.
- Click Download Metadata and save the file.
- In the Pulse Connect Secure administrative interface, go to Users → User Realms.
- Select the authentication realm for your user population.
- In the Authentication list, select the IdP that you configured.
- Click Save Changes.
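A pre-upload check for the files used in the steps above, as an added example that is not part of the original documentation or of either product: it confirms that the exported metadata describes an IdP role, offers an HTTP-POST SSO endpoint, and embeds the same signing certificate as the separately exported certificate file. The function name `check_idp_metadata`, the sample entity ID and URLs, and the placeholder certificate bytes are constructed for illustration, and the metadata file is assumed to have a single `EntityDescriptor` as its root.

```python
import base64, hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
POST_BINDING = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

def _fp(der: bytes) -> str:
    return hashlib.sha256(der).hexdigest()

def pem_to_der(pem: str) -> bytes:
    """Drop the BEGIN/END armor lines and base64-decode the body."""
    lines = [ln.strip() for ln in pem.strip().splitlines()]
    return base64.b64decode("".join(ln for ln in lines if not ln.startswith("-----")))

def check_idp_metadata(metadata_xml: str, signing_cert_pem: str) -> dict:
    """Assumption: the root element is a single md:EntityDescriptor."""
    root = ET.fromstring(metadata_xml)
    problems = []
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:  # the Identity Provider role would not apply to this file
        idp = ET.Element("empty")
        problems.append("no IDPSSODescriptor: file does not describe an identity provider")
    post_urls = [s.get("Location") for s in idp.findall("md:SingleSignOnService", NS)
                 if s.get("Binding") == POST_BINDING]
    if not post_urls:  # the POST SSO method needs a matching endpoint
        problems.append("no SingleSignOnService with the HTTP-POST binding")
    # Fingerprint every signing certificate embedded in the metadata.
    embedded = {_fp(base64.b64decode("".join((c.text or "").split())))
                for kd in idp.findall("md:KeyDescriptor", NS)
                if kd.get("use") in (None, "signing")
                for c in kd.findall(".//ds:X509Certificate", NS)}
    cert_match = _fp(pem_to_der(signing_cert_pem)) in embedded
    if not cert_match:
        problems.append("exported certificate is not a signing key in the metadata")
    return {"entity_id": root.get("entityID"), "post_sso_urls": post_urls,
            "cert_match": cert_match, "problems": problems}

# Constructed sample input: placeholder bytes stand in for a real DER certificate.
SAMPLE_B64 = base64.b64encode(b"constructed placeholder, not a real certificate").decode()
SAMPLE_CERT_PEM = f"-----BEGIN CERTIFICATE-----\n{SAMPLE_B64}\n-----END CERTIFICATE-----\n"
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}" entityID="https://idp.example.com">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{SAMPLE_B64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.example.com/sso/redirect"/>
    <md:SingleSignOnService Binding="{POST_BINDING}" Location="https://idp.example.com/sso/post"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""

if __name__ == "__main__":
    print(check_idp_metadata(SAMPLE_METADATA, SAMPLE_CERT_PEM))
```

An empty `problems` list means the entity ID and POST URL reported here are the values to expect in the Identity Provider Entity ID and Single Sign On Service URL lists.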