Single Sign-On for Ping Identity

Support
1

Single Sign-On (SSO) allows you to sign in to Bluescape from a centralized identity provider (IDP), simplifying user experience and management. Bluescape supports SSO through IDPs using the SAML 2.0 standard.

How to Set Up SSO For Ping Identity

The following instructions are for setting up PingOne, and the cloud-based SSO service put out by Ping Identity.

  1. Log in to the PingOne homepage.
  2. On the PingOne dashboard that opens, select the Applications link in the top menu bar.
     
    Select Applications
     
  3. On the My Applications screen that appears, select the Add Application button.
     
    Select Add Application
     
    Note: If the option to add a new SAML app is disabled, see the Ping support article entitled, Why is adding a new SAML app disabled?
  4. In the dropdown list that appears below the button, select the New SAML Application option.
     
    Select New SAML Application from the dropdown list
     
  5. In the Application Details field that opens, enter a name for the application and an application description (optional).
  6. In the Category field, select the category that best suits the application.
  7. Select the Continue to Next Step button.
     
    Select Continue to Next Step
     
  8. On the Application Configuration screen, complete the fields listed below. You should have received the values for each field from your Bluescape Support Engineer.
    • Assertion Consumer Service (ACS)
    • Entity ID
    • Application URL
    • Single Logout Endpoint
    • Single Logout Response Endpoint
       
      The Application Configuration screen
       
  9. Select the Continue to Next Step button.
  10. On the SSO Attribute Mapping screen, select the Add new attribute button.
     
    SSO Attribute Mapping screen
    SSO Attribute Mapping screen1066×523 24.3 KB

     
  11. Add the following four attributes:
Application Attribute Identity Bridge Attribute or Literal Value
User.FirstName First Name
User.LastName Last Name
User.Email Email
user_guid Refer to the Ping documentation for the recommended value that should be used.**

Note: If you choose to use a value other than the one recommended by Ping, the value must be unique for each user and unchangeable, even if the user’s email changes.

  1. Select the Continue to Next Step button.
  2. The My Applications screen appears, showing all of the details for the new app.
     
    The My Applications screen
    The My Applications screen1014×1386 74.5 KB

     
  3. In the SAML Metadata field, select the Download button, then specify the location on your computer where you want to download the app metadata.
  4. Send the metadata file to your Bluescape Support Engineer so that it can be hosted in the Bluescape system.
     
    Note: Bluescape requires all X509 Certificate fields in metadata files to be free of all spaces and carriage returns.
     
  5. The application setup process is complete when the file is hosted.

Where to Next?

Not what you were looking for? Reply below or Search the community and discover more Bluescape.

2

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.