Ping Identity

In this document you are going to set up IDmelon as an external IdP for Ping Identity.

Log in to Ping Identity administration panel


Log in to Ping Identity.

Open Ping Identity dashboard.

On the right-hand side of the navbar, click Administrators

Add Identity Provider


Click Connection

Under IDENTITY PROVIDERS Click on External IdPs

Click on Add Provider

Click on SAML

Configure SAML 2.0 IdP


Create IdP Profile

NAME : Custom_name

DESCRIPTION : Custom_description

ICON : Custom_icon

LOGIN BUTTON : Custom_login_button

Continue

Configure PingOne Connection then select Continue

Configure IdP Connection

Choose : Manually enter the following metadata information

Get all values for {..} from your IDmelon panel.
If you are currently logged in here, you will see the replaced values instead.

SSO endpoint : idmelon single sign on url

IdP entity ID : idp_issuer_uri

SSO binding : Specifies the binding to use for the authentication request. Select HTTP Post or HTTP Redirect.

VERIFICATION CERTIFICATE : idp_certificate_download_url

Save and Continue

On the Map Attributes page, define how the PingOne user attributes are mapped to identity provider attributes. For more information, see Mapping attributes

Enter the PingOne user profile attribute and the external IdP attribute. For more information about attribute syntax, see Identity provider attributes

To add an attribute, click + Add attribute

To use the expression builder, click Build and test or Advanced Expression. See Using the expression builder

Select the update condition, which determines how PingOne updates its user directory with the values from the identity provider. The options are:

Empty only: Update the PingOne attribute only if the existing attribute is empty.

Always: Always update the PingOne directory attribute.

Save & Finish

Enabling or disabling IDmelon as Identity Provider : Reference

Finish

Setting idp-init for Ping Identity


Go to Connections → Applications

Add a new OIDC Application

Add Application

Choose a custom application Name

Choose a custom application Description

Choose a custom application ICON

Choose OIDC Web App

Save

Go to the OIDC app you created

Activate the OIDC app on the right side

Go to Configuration, then click the edit icon

Go to Connections → Applications

For admins IdP-init login:

Click on PingOne Admin Console

Copy Home Page URL

Done

For users IdP-init login:

Click on PingOne Application Portal

Copy Home Page URL

Done

Paste Home Page URL to Initiate Login URI field

Paste Home Page URL to Target Link URI field

Click the Overview tab.

Locate the Client ID and copy it to the RelayState field of IDmelon.

Example : Relaystate = applicationId=Custom Client ID

IDmelon SAML configuration


Go to Connections → External IdPs

Go to IDmelon IdP, click IdP Configuration, then click edit

Download -> DOWNLOAD METADATA File

Upload the metadata file and copy the values of the fields below from this Ping Identity panel to the IDmelon panel.

Go to IDmelon IdP, click P1 Connection, then click edit

Copy -> PINGONE (SP) ENTITY ID

Select your SIGNING CERTIFICATE

Select RSA_SHA256 in the SIGNING ALGORITHM field

Copy the values of the fields below from this Ping Identity panel to the IDmelon panel.

Passwordless


Open the Admin dashboard of Ping Identity

Click on Experiences, then Authentication

Under Authentication Policies

Choose or create your custom Authentication

Click on PRESENTED IDENTITY PROVIDERS

Choose IDmelon as Identity Provider

Save

API Token


Click on Connections then Applications

Click on Add Applications then Choose Worker

Choose Custom name

Optional : Custom description

Click on Save

Click on Worker, then click on Configuration

Scroll down, then click on Get Access Token

Copy the Access Token, then click on Done

Note : Activate Worker Application

Done