Configuring PingFederate Single Sign-On Integration with SAML
PingFederate is an enterprise-level federation server that provides users with secure access to applications from any device. PingFederate provides customers with a centralized or ‘global authentication authority’, which means they have a single and consistent way to sign in across all their platforms and domains.
Using Security Assertion Markup Language (SAML), a user can use their managed account credentials to sign in to enterprise cloud applications via Single Sign-On (SSO). An Identity Provider (IdP) service provides administrators with a single place to manage all users and cloud applications. You don't have to manage individual user IDs and passwords tied to individual cloud applications for each of your users. An IdP service provides your users with a unified sign-on across all their enterprise cloud applications.
How to Configure PingFederate Single Sign-On Integration with SAML
- Complete the instructions in Creating an SP Connection with your IdP PingFederate.
- In PingFederate, from SP Connections, select the SP Connection.
- Click Browser SSO, then Configure Browser SSO, then the SAML Profiles tab.
- From the list of profiles, select SP-INITIATED.
- Click Next, then Next again. The Assertion Creation tab is displayed.
- Click Configure Assertion Creation. The Assertion Creation window is displayed.
- Click Attribute Contract. The Attribute Contract tab is displayed.
- Add email as the Attribute Contract.
- In PingFederate, from SP Connections, select SP Connection, then Browser SSO, then Protocol Settings, then Configure Protocol Settings, then Allowable SAML Bindings. The Allowable SSL Bindings tab is displayed.
- From the list of options, select REDIRECT.
- Click Save.
- In PingFederate, click Server Configuration, then ADMINISTRATIVE FUNCTIONS, then Metadata Export.
- Click Next. The Connection Metadata tab is displayed.
- Select SP Connection, and click Next. The Metadata Signing tab is displayed.
- Select the Signing Certificate, and click Next. The Export & Summary tab is displayed.
- Export the metadata file.
- Click Done.
- Open the downloaded SAML metadata file, and copy the URL located in the EntityDescriptor node>entityID attribute:
- Then, log in to Acunetix 360, and from the main menu click Settings, then Single Sign-On. The Single Sign-On window is displayed. Select the SAML tab, and then paste the URL into the IdP Identifier field.
- Next, copy the URL from the SingleSignOnService node>Location attribute field.
- Then in Acunetix 360's Single Sign-On window, paste the URL into SAML 2.0 Endpoint field.
- Finally, copy the content of the X509Certificate node (signing).
- Then in Acunetix 360's Single Sign-On window, paste it into the X.509 Certificate field.
- In Acunetix 360, click Save Changes.