- Log in to PingOne
- Configure federated web-based SSO authentication with the following settings:
- M-Pin SSO configured as SAML provider
- The M-Pin SSO SAML metadata (found under Global Settings > SAML Metadata in the M-Pin SSO web console) uploaded to the profile.
For details on how to configure these settings and obtain the link to the metadata file, refer to the PingOne user documentation.
In the M-Pin SSO web console:
- Under Integration, click on the + button next to PingIdentity profiles.
The Add PingIdentity profile page is displayed.
- Complete the required fields and save the profile. Settings:
- Name: (required) – name of the profile, e.g. Sample PingOne Profile
- LDAP Profile: – if you have LDAP profiles configured, they will be available in this drop-down
- Recipient URL: – IAM end point for the client app (if any)
- Metadata: (required) – the SAML metadata file of the M-Pin SSO Endpoint configured in your PingOne account.
- Group: (conditional) – User Group in the PingOne profile to which Users belong. The need to specify a Group depends on how user groups are configured in the PingOne account. You might need to configure several PingOne profiles in M-Pin SSO, one for each user group, in case M-Pin SSO users belong to several PingOne user groups
- PingIdentity application saasid (for IdP flow only): (conditional) – PingOne saasid of the application. Required if logging in from M-Pin SSO is to be enabled.
After saving, the profile is displayed on the PingIdentity profiles page.