How to use a custom SSO Provider (PingIdentity SSO)

How to use a custom SSO Provider (PingIdentity SSO)

As an Addon to the Applanga Enterprise tier you have the option to connect with custom SSO (Single Sign On) providers. Please get in touch for pricing details.

The following is an example if you want to use Ping Identity SSO.


Applanga PingIdentity SSO Integration

  • 1. In your Ping Identity admin console choose Connections, then Applications.

step1.png

 

  • 2. On the Applications page, click on the add Application button (+ icon).

step2.png

 

  • 3. Select WEB APP then afterwards click Configure in the OIDC option. Fill out the APPLICATION NAME, DESCRIPTION and ICONS as needed and click Next.

step3.png

 

  • 4. Paste https://dashboard.applanga.com/auth/ping-identity/callback in REDIRECT URLS then click Save and Continue

step4.png

 

  • 5. Drag and drop or simply use the add button(+ icon) to add the email and profile scopes to SCOPE GRANTS then click Save and Continue

step5.png

 

  • 6. No further configuration neeed at Attribute Mapping step. Simply click Save and Close at this step.

step6.png

 

  • 7. By now you should see your Applanga SSO application listed under Applications. Select the application if its not already pre-selected. You should see a top right toggle which is used to enable or disable user access to the application. Make sure this is toggled on.

step7.png

 

  • 8. Go to the Configuration tab then click the edit button top right.

step8.png

 

  • 9. Under General, select Code for RESPONSE TYPE, select Authorization Code and check Client Credentials under GRANT TYPE. Choose Client Secret Post under TOKEN ENDPOINT AUTHENTICATION METHOD. Remember to copy the CLIENT ID and CLIENT SECRET from here, then click Save.

step9.png

 

  • 10. Send an email to info@applanga.com with the topic "Custom SSO Configuration - YourCompanyName" wich contains your Client ID, Client secret, Application environment id, PingIdentity domain, a list of domains that should be enabled for your PingIdentity configuration and optionally a Session timeout which if specified will determine how long a login session should stay before users are required to login again. Alternatively and additionally you can provide a list of mail adresses if you want additional accounts to be added that do not belong to a domain. Optionally, you can also provide list of teams and user roles. Every SSO user newly signing up in Applanga will be automatycally added to these teams with preset role. The user role and team assignment can be later modified.
    Applanga will then need to redeploy your configuration wich may take up to 2 weeks and will let you know once its available. If that change is urgent please let us know so we can expedite your request.
    All signups that have been done prior to the configuration deployment will be automatically converted upon their next login.

 

  • 11. To login with PingIdentity on the Applanga Dashboard click on the SSO Login link on the bottom of the login page. You will be redirected to the SSO login page. There, enter your domain or email adress. This will redirect to the PingIdentity login page. If you are logged in with you PingIdentiy account, you will be redirected back to the Applanga dashboard.

    step6.png


 

If you encounter any issues please let us know.

Thank You!