[Legacy] PingOne

Owned by Audun Røe (Unlicensed)
Last updated: Mar 29, 2022 by Steinar Line
3 min read

This guide is for an older version of Kantega SSO Enterprise and is no longer maintained. New guides are here: https://kantega-sso.atlassian.net/l/c/rNTaTonz .

Start by clicking “Add new identity provider" and select “PingOne” from the drop-down:

In a separate browser tab, sign in to the PingOne admin console and go to the Applications page:

Click "Add Application" and select "New SAML Application"

Enter values for the required fields:

  • Application Name

  • Application Description

  • Category

Click "Continue to Next Step"


Go back to the KSSO setup wizard. Copy the URL values from the setup wizard into the "Assertion Consumer Service (ACS)" and "Entity ID" fields

 

Add givenName, surname and email attributes. For each of the three attributes, click "Add new attribute" and fill out Attribution Attribute and Identity Bridge Attribute values.

Click Save & Publish.

On the Review Setup page, download the SAML metadata file for your application:

Then click finish to complete the application setup.

Next, assign your application to User Group(s). Navigate to the Users tab, then User Groups:

Click Edit on the group you want to assign the application to

Select your application and click Save.



It’s now time to move back to the KSSO wizard and finish configuring PingOne as an identity provider in the Atlassian product.

Back in the setup wizard you can now press "Next" to get to the import step and upload the metadata file downloaded in step 6.

Press "Next" to proceed to the next wizard step.


Give the identity provide a name in the "Location" step

Press "Next" to proceed to the next wizard step.

Verify the signing certificate info and fingerprint:

Press "Next" to proceed to the next wizard step.


Specify whether authenticated users pre-exist or need to be created at login. Here, you can also assign default group memberships to users at login. (Groups can also be assigned to individual users according to Group Claims in the SAML response during login. This is configured in the "Group membership" setting available after completing the setup wizard).

Press "Next" to summarize the setting and "Finish" to complete the wizard.


After finishing the wizard, you will be sent to the test pages for verification of your setup. Here, you may also perform the last configuration parts.