PingFederate

overview pingfederate is an enterprise grade federation server by https //www pingidentity com/en/product/pingfederate html that enables secure single sign on (sso) integration guide shi requires the following pieces of information to configure a pingfederate integration sso (sign in) url the endpoint where our application will send saml authentication requests example https //pingfederate example com x 509 signing certificate your pingfederate identity provider's (idp) public certificate used to sign saml assertions this may require the x 509 integration kit depending on your version of your idp server https //support pingidentity com/s/marketplace integration/a7i1w0000004icwqam/x509 integration kit please provide it in pem or cer format saml metadata (optional but recommended) if available, please share your idp's metadata xml file to streamline the configuration process assertion details a sample saml assertion to verify the included attributes, especially the nameid verifying nameid format for our primary means of integration, it's crucial that the nameid in the saml assertion contains the user's email address here's how you can verify this access pingfederate administrative console to check for your name identifier https //support pingidentity com/s/article/pingone how to configure name identifier review attribute mapping ensure that the nameid is mapped to the user's email attribute provide a sample saml assertion this will allow us to confirm the nameid format and other attributes if the nameid does not contain the user's email, please specify which attribute in the saml assertion carries the email address so we can configure a custom saml connection if that's the case, there may some additional followup configuration after these initial steps