Skip to main content

PingOne

Configure SSO With PingOne

There are two steps involved in configuring SSO with Ping Identity server:

  • Configure Settings in Ping Identity server
  • Configure Settings in SureMDM Hub

Configure Settings in Ping Identity server

To configure settings in Ping Identity server, follow these steps:  

1.  Login to Ping Identity Server, go to Applications, and then click Add Application.

2.  Select New SAML Application

3.  Enter the Application Name as SureMDM.

4.  Click Continue to Next Step and in Application Configuration tab, enter the following details:

Entity ID: urn:42gears:suremdm:SAML2ServiceProvider

ACS (Consumer) Service: https://(SureMDM Hub Server Path)/adminconsole/ssoconsumer/Hub ID

Single Logout URL: SureMDM Hub Server Path)/adminconsole/ssoconsumer/Hub ID

Single Logout Response Endpoint: https://(SureMDM Hub Server Path)/adminconsole/ssoconsumer/Hub ID

note

Admin should enter their Server URL and Account ID into the above-mentioned URL.

5.  Click Continue to Next Step

6.  Click Save and Publish.

7.  Download the SAML Metadata from provided Download link and click Finish.

     A certificate will be downloaded.  

Configure SSO in SureMDM Hub (PingOne)

To configure SSO with PingOne, follow these steps:

1. Login to the SureMDM Hub as a Superuser.

2. Navigate to SureMDM Hub > Account Management > Single Sign On.

3. Configure Single Sign-On settings for PingOne.

  • Enable Single Sign-On: Select this option to allow configuring Single Sign-On settings.
  • Service Identifier: Enter the Service Identifier

This value is present under EntityDescriptor tag, entityID property of your metadata XML file. Fetch these values from the certificate downloaded in step no.7, Configure settings in Ping Identity server. 

For example: https://pingone.com/idp/cd-1789152136.42gears

  • Sign On Service Url: Enter the Sign On Service Url. This value is present under \md:SingleSignOnService  (node with HTTP-Redirect binding) -> Location

*Fetch these values from the certificate downloaded in step no.7,Configure settings in Ping Identity server

For example: https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=9f35bb37-2cb1-4233-9e6c-22f71a089a4f

  • Logout Service Url: Enter the URL for logout.
    note

    Generally, the URLs for the Sign On Service Url and Logout Service Url will be the same.

  • Roles: Choose an option for the Roles from the drop-down menu. To know more, see Create Roles for the Admin User.

4. Click Generate Certificate to generate a self-signed certificate on the server and make it ready for download.

or

Click Upload Certificate to upload another certificate. 

These options are available when no certificate is uploaded.

5. Once configuring, click Save.