Configure SSO: Ping Federate

You're using Ping Federate, which we can support out of the box using either [WS-Federation Passive Profile]( (recommended) or SAML 2.0. For SAML we use IdP-initiated SSO (with an optional login link in Idealink). These are the answers to the questions in the PDF:

* **SAML protocol versions supported:** SAML 2.0. 
* **SAML bindings supported:** POST. 
* **SAML profiles supported:** IdP-initiated SSO; WS-Federation Passive Profile. 
* **Entity ID:** any (configurable). 
* **Base URL:** 
* **Assertion Consumer Service URL:**]/core/login.saml?replyUrl=]&errorUrl=]/_/login/LoginError 
* **Signature requirements:** always sign assertions (configurable). 
* **Supported signing algorithms:** multiple algorithms including SHA-512. 
* **Assertion lifetime:** any (configurable). 
* **Attribute Contract:** Idealink requires an attribute which uniquely represents the user (the name of the attribute to use is configurable by the client). You can also optionally map attributes to the user display name and email address. 
* **SP affiliations:** none required.

Feedback and Knowledge Base