Setting Up Single Sign (SSO) on with Pingone

//Setting Up Single Sign (SSO) on with Pingone

Setting Up Single Sign (SSO) on with Pingone

Prerequisite

  1. User should have admin access on pingone.
  2. For azure, should have the permission to add new enterprise application.
  3. User should have admin access to Kpifire and access to set single sign on in Kpifire.

Configure License Type for different Users

1. Create groups in Pingone/azure by navigating to Users -> Group

2. Group name should be from below table.

Group Name License Type Priority
Kpifire.Admin Admin 7
Kpifire.Executive Executive Viewer 6
Kpifire.Strategy Manager 5
Kpifire.Project User 4
Kpifire.TeamMember Team Member 3
Kpifire.Idea Idea Creator 2
Kpifire.Viewer Viewer 1

3. Group name are case insensitive. We can add prefix or suffix to group name.
Example: TestCompany.Kpifire.Admin.License is also valid as it has group name part form above table.

4. Then assign users to the group based on organization need.

5. License type for current user will be affected after logout and login again from website.

6. If user is present in multiple groups, then user will have the license type that has higher priority.
Example: If a user is present in Kpifire.Viewer, Kpifire.Project. Then user will have license type of Kpifire.Project.

Example: If a user is present in Kpifire.Viewer, Kpifire.Project. Then user will have license type of Kpifire.Project.

Settings for Pingone SSO

1. Settings on Ping one Side

  • Login to ping one using url https://admin.pingone.com/
  • Navigate to Setup -> Identity Repository
  • Set identity provider as Ping one and do following
  • Then Navigate to Applications –> My Applications
  • Add an application and do the following steps as shown below.

1. Application Details

2. Application Url Configuration

3. Application Attribute Configuration

4. Application Group Configuration

5. Application Review Screen

2. Settings on Kpifire

  • Login to Kpifire as administrator.
  • Navigate to settings -> Single Sign On @ https://app.kpifire.com/#/admin/sso

  • Set the following attribute email, first name, last name fields
    1. Email Attribute: user.email
    2. First Name Attribute: user.givenname
    3. LastName Attribute: user.surname

Test SSO

  • Login to ping one site
  • Navigate to Application -> my application
  • Click on the application -> Single sign on
  • Then user will be redirected to Kpifire with login.

2020-08-01T05:54:15+07:00 August 1st, 2020|Blog|

About the Author: