Ping Identity - IdP for Cloud Authentication Service - RSA Ready Implementation Guide
2 years ago
Originally Published: 2023-10-05

This section describes how to configure Ping Identity as an IdP for RSA Cloud Authentication Service.

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service as a service provider for Ping Identity.

Procedure

  1. Sign into the RSA Cloud Administration Console and browse to My Account > Company Settings > Sessions & Authentication.
  2. In the Cloud Administration Console Authentication > Primary Authentication section, click Third-Party Identity Provider (IdP) and perform the following steps.
    1. Sign-in URL: Displays the URL that the administrators will use when they sign in to the Cloud Administration Console through a third-party IdP.
    2. Assertion Consumer Service (ACS) URL: Displays the URL that Ping Identity will use to set up the service provider.
    3. Issuer ID: Enter the value provided by Ping Identity.
    4. Issuer URL: Enter the value of the Single Sign-on Service provided by Ping Identity.
    5. Audience ID: Enter a value that the identity provider will insert into SAML assertions to indicate for whom the assertions are intended. The value is set as the Entity ID in SAML requests sent to the identity provider.
      Saneesh_0-1696498020576.png
  3. In the Cloud Administration Console Authentication > SAML Response Signature section, click Choose File to upload a certificate that the Cloud Authentication Service uses to validate the assertion signature provided by Ping Identity.
    Saneesh_1-1696498221533.png
  4. Click Save Settings.
  5. Click Publish Changes.

Configure Ping Identity

Perform these steps to configure Ping Identity as the third-party IdP for RSA Cloud Authentication Service.

Procedure

  1. Sign into Ping Identity Admin Console, click Administrator to access the environment.
  2. In the left pane, click Connections > Applications.
    Saneesh_2-1696499205256.png
  3. Click the plus icon.
  4. In the Add Application window, enter a name for the application and an optional description.
  5. Click SAML Application and click Configure.
    Saneesh_3-1696499262668.png
  6. Choose Manually Enter.
  7. Enter the ACS URLs from RSA Cloud Administration Console and the Entity ID which should match the Audience ID in the configuration done in RSA.
    Saneesh_4-1696499286436.png
  8. Click Save.
    The application appears in the set of applications managed as SPs to Ping Identity.
  9. Click the newly created application.
  10. Navigate to the Configure tab and click the edit icon.
  11. In the Subject NameID Format field, select the email address format and click Save.
    Saneesh_5-1696499315649.png
  12. Click the Attribute Mappings tab and click the edit icon.
  13. Select Email address for the PingOne Mappings field and click Save.
    Saneesh_6-1696499336549.png
    Saneesh_7-1696499347269.png
  14. On the Configuration tab, under Connection Details, download the signing certificate and apply it in the RSA Cloud Authentication Console configuration under the SAML Response Signature section.
  15. Enable the application by toggling the switch button for the application.
    Saneesh_8-1696499398766.png
    Saneesh_9-1696499408671.png
    Users can now log on to My Page and get authenticated by Ping Identity.

 

Configuration is complete.

Return to the main page.

 

Related Articles

Trending Articles

Don't see what you're looking for?