Using a single sign-on integration with PingOne, a single sign-on service, allows the Gaggle Managers and Members to leverage a single point of authentication (like Google) to sign into multiple platforms. This helps your team to only retain one username and password to log into multiple services. It also benefits the company as access can be terminated across multiple services by discontinuing their access to the account used for single sign-on (for example, the employee's Google account).
Let’s learn how to connect GaggleAMP to the PingOne dashboard with this integration guide.
Submitting a Request to GaggleAMP: Without a PingOne Account
If you do not have a PingOne account already, and you want to use them as your single sign-on provider, you’ll first need to contact GaggleAMP support.
- Contact GaggleAMP Support via the GaggleAMP application or email at email@example.com. In the message, let us know “I would like to enable the PingOne integration for my Gaggle.”
- GaggleAMP Support will respond with a special link that you or your IT team can use to configure PingOne inside GaggleAMP.
|Note: If you already have a PingOne admin account, you can skip this step entirely.
Sign-Up for a PingOne Admin Account
To sign-up for a PingOne account, please visit PingIdentity and request a demo. You will need to work with them directly to secure a PingOne account.
Once you have secured a PingOne account, set up your account with them. During the account setup, there will be an email confirmation link sent to your email in which there is a Company ID disclosed. Make note of the Company ID.
Sign In to the PingOne Admin Account
Once you have signed up for a PingOne account, you will need to log into PingOne. Once logged in:
- Navigate to the Overview dashboard, or go to this link.
- Select the ‘Connections’ tab
- Click the ‘+’ button next to the heading for ‘Applications’
- Add an Application name and your chosen description, then upload an icon if you choose. Once complete, select ‘SAML Application.’
- Once this information has been entered, you’ll see the SAML Application box. Choose ‘Configure.’
Next, you’ll be presented with the opportunity to provide the application Metadata. Select ‘Manually Enter’ and add the ACS URL and Entity ID noted below.
- Assertion Consumer Service (ACS): https://accounts.gaggleamp.com/auth/saml/callback
- Entity ID: https://accounts.gaggleamp.com/auth/saml/callback
Once you have filled out this step, continue to the next step. This will take you to the SSO attribute mapping page. Here you can access an overview, configuration, attribute mappings, policies, and access restrictions. From here, select ‘Attribute Mappings’ and add:
- Application Attribute: email
- Identity Bridge Attribute or Literal Value: email
- Make these ‘Required’
Once complete, select ‘Save & Publish.’
Finally, review the application connection information. The following are required to configure PingOne on GaggleAMP. Before you select ‘Finish’ to complete the application set-up, be sure to copy the single sign-on (SSO) from the ‘Configuration’ tab.
Once happy with your configuration, toggle the button in the upper-right to ‘on.’
Submitting Your PingOne Configuration to GaggleAMP
Using the configuration values noted in the prior section, you will need to visit the special link that GaggleAMP support provided you and enter the request values:
Identity Provider Issuer: https://pingone.com/idp/CompanyID
Uncheck the box for 'Use Identity Provider provided metadata URL
Enter the Identity Provider Single Sign-On URL copied earlier in the installation
Upload the 509 Certificate
If you have questions on how to best integrate GaggleAMP to PingOne, please speak with your Customer Success Manager and we’d be happy to help you out.