Sign On
Sign Off
Ping Identity
Partner Network
Blog
Contact
1.877.898.2905
Sign On
Knowledge Base
Documentation
Support
Community
User Groups
Knowledge Base
Documentation
Community
User Groups
Support
Training Calendar
Video Library
Manage Licenses
Manage Account
PingInsiders
Local User Groups
PingOne Uptime
PingOne Status
Ping Identity
Partner Network
Contact
Home
Knowledge Base
Knowledge Base
User Groups
Knowledge Base
BACK TO KNOWLEDGE BASE HOME >
How to configure authentication request signing in PingOne
Published: 06/28/2016
When doing service provider initiated SSO, your identity provider or company policy may require signing of the SAML authentication request. To enable signing please follow the steps below:
- Log into the PingOne Admin portal
- Click "Set up" in the navigation toolbar.
- Click the Pencil icon
If PingOne is configured with PingFederate version "7.3 or Below":
- Click "Next"
- On the following screen, put a check in the box "SIGN AUTHNREQUEST FROM PINGONE"
- Click "Next"
- Click "Next" on the remaining screens, then click "Save" to save your changes.
If PingOne is configured with PingFederate version "8.0 or Above":
No changes in PingOne are applicable. If PingFederate is set to require "Require AuthN Requests To be Signed When Received via The Post or Redirect Bindings", PingOne will automatically sign the authentication request.
If PingOne is configured with 3rd Party SAML:
- When you click the pencil, you will be taken directly to the configuration screen where you can set AuthN signing. Put a check in the box "SIGN AUTHNREQUEST FROM PINGONE":
- Click "Next"
- Select the radio button "Manually Enter Your IDP Connection Information".
- No other changes are required, click "Save".
When the above changes are made, PingOne will sign authentication requests when service provider initiated SSO are performed. The verification certificate is inside the PingOne metadata file and should get loaded into the SAML product when the metadata is uploaded for configuration.
Category:
Setup
,
3rd Party Identity Bridge
,
KB or other URL: