This topic tells you how to configure a single sign-on partnership between PingFederate as the Identity Provider (IdP) and Single Sign‑On for VMware Tanzu Application Service as the Service Provider (SP).

PingFederate is a federation server that provides identity management, single sign-on, and API security for the enterprise.

Single Sign‑On supports service provider-initiated authentication flow and single logout. It does not support identity provider-initiated authentication flow. All Single Sign‑On communication takes place over SSL.

Prerequisites

To integrate PingFederate with Single Sign‑On, you must have the following:

  • PingFederate
  • A user with admin privileges

To configure SAML, you must have the Single Sign-On service broker installed on your Ops Manager deployment. You need to create a plan, grant any plan administrators, and specify any organizations this plan should be the authentication authority for. For help configuring plans, see the Manage Service Plans topic.

PingFederate Integration Guide

Configuring PingFederate with Single Sign‑On

Complete both steps below to integrate your deployment with PingFederate and Single Sign‑On.

  1. Configure PingFederate as an Identity Provider
  2. Configure a Single Sign‑On Service Provider

Testing and Troubleshooting

check-circle-line exclamation-circle-line close-line
Scroll to top icon