Connect to PingIdentity / PingOne with SAML 2.0
FoxIDs can be connected to PingOne with a SAML 2.0 authentication method, where PingOne is the SAML 2.0 Identity Provider (IdP) and FoxIDs acts as a SAML 2.0 Relying Party (RP).
Take a look at the PingOne sample configuration in FoxIDs Control: https://control.foxids.com/test-corp
Get read access with the user reader@foxids.com and password TestAccess! then select the Production environment and the Authentication tab.
Configuring PingOne as Identity Provider (IdP)
1 - Start by creating a SAML 2.0 authentication method in FoxIDs Control Client
- Add the name
- The SAML 2.0 metadata is then created with the authentication method name; copy the metadata URL
2 - Then go to PingOne and create the application (Relying Party)
- Add the application name
- Choose Application Type: SAML Application
- Click Configure
- In the SAML configuration page, select Import From URL and import the FoxIDs authentication method metadata URL
- Click save
- Select the Configuration tab and copy the IDP Metadata URL
- Enable the application (sliding button top right corner)
Currently FoxIDs only supports PingOne if either the Sign Assertion or Sign Response option is selected; the option Sign Assertion & Response is not supported. Please see the issue.
3 - Then go back to the SAML 2.0 authentication method in FoxIDs Control Client
- Add the PingOne metadata URL in the Metadata URL field.
- Click Create
You are done. The SAML 2.0 authentication method can now be used as an authentication method for application registrations in the environment.
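To check which signing option PingOne is actually applying (the Sign Assertion / Sign Response restriction in step 2), the following added example, which is not FoxIDs or PingOne code, reports where the `ds:Signature` element sits in a base64 `SAMLResponse` value captured from your own test login. It assumes the HTTP POST binding and an unencrypted assertion; the function names and the sample messages are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}


def signature_placement(saml_response_b64: str) -> str:
    """Report where ds:Signature sits; this does NOT verify any signature."""
    xml_bytes = base64.b64decode(saml_response_b64, validate=True)
    # Refuse DTDs so the parser never expands entities.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD not allowed in a SAML message")
    root = ET.fromstring(xml_bytes)
    if root.tag != f"{{{NS['samlp']}}}Response":
        raise ValueError("not a samlp:Response")
    # Direct children only: a nested Signature covers the Assertion alone.
    on_response = root.find("ds:Signature", NS) is not None
    on_assertion = any(a.find("ds:Signature", NS) is not None
                       for a in root.findall("saml:Assertion", NS))
    if on_response and on_assertion:
        return "both"
    if on_response:
        return "response"
    return "assertion" if on_assertion else "none"


def matches_supported_option(placement: str) -> bool:
    """True for the two PingOne options the page lists as supported."""
    return placement in ("response", "assertion")


def build_sample(sign_response: bool, sign_assertion: bool) -> str:
    """Constructed minimal Response with empty stub signatures (test data)."""
    sig = f'<ds:Signature xmlns:ds="{NS["ds"]}"/>'
    xml = (f'<samlp:Response xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}">'
           + (sig if sign_response else "")
           + "<saml:Assertion>" + (sig if sign_assertion else "") + "</saml:Assertion>"
           + "</samlp:Response>")
    return base64.b64encode(xml.encode()).decode()


if __name__ == "__main__":
    for flags in [(True, False), (False, True), (True, True)]:
        placement = signature_placement(build_sample(*flags))
        print(flags, placement, matches_supported_option(placement))
```

A result of `both` corresponds to the unsupported Sign Assertion & Response option; switch the PingOne application to one of the two single-signature options.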