SSO/SAML Setup: PingOne for Enterprise
Note: DataGrail only supports connections with SAML v2.0.
PingOne Enterprise: SAML Configuration
-
Admin login to PingOne for Enterprise: https://admin.pingone.com/
-
Create the SAML Application
-
- Navigate to Applications > My Applications > SAML
- Press Add Application > New SAML Application
- Application Details:
- Name: DataGrail
- Description: YourCompanyName,Privacy Platform, DSAR fulfillment
- Category: Compliance
- Graphics: DG Logo.png [see attached in email]
-
Application Configuration
-
- Required Fields:
- Signing Certificate: PingOne Account Origination Certificate
- Protocol Version: SAML 2.0
- Assertion Consumer Service (ACS): https://[yourdomainhere].datagrail.io/saml/auth
- Example: if DataGrail was installing this saml solution to host our own platform login, the above url would be https://datagraildemo.datagrail.io/saml/auth
- Entity ID: https://[yourdomainhere].datagrail.io/saml/metadata
- Example: if DataGrail was installing this saml solution to host our own platform login, the above url would be https://datagraildemo.datagrail.io/saml/metadata
- Application URL: https://[yourdomainhere].datagrail.io
- Example: if DataGrail was installing this saml solution to host our own platform login, the above url would be https://datagraildemo.datagrail.io
- Signing: Sign Response
- Signing Algorithm: RSA_SHA256
- Force Re-authentication: true (checkbox)
- Default (leave alone)
- Single Logout Endpoint:
- Single Logout Response Endpoint:
- Single Logout Binding Type:
- Required Fields:
-
SSO Attribute Mapping
-
Add new attribute
-
Group Access
-
- Add appropriate groups for access
-
Review Setup
-
- Ensure data is correct
- Ensure the SAML Metadata URL is an .xml file
- Finish
-
Copy SAML Metadata URL and provide tosupport@datagrail.io
Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.