Using a Single Sign-On integration with PingOne, a Single Sign-On service, allows your Gaggle Managers and Members to leverage a single point of authentication (like Google) to sign into multiple platforms. This helps Gaggle Managers and Members to only retain one username and password to log into multiple services. It also benefits the company as access can be terminated across multiple services by discontinuing their access to the account used for Single Sign-On (for example, the employees Google account).
Let’s learn how to connect GaggleAMP to the PingOne dashboard with this integration guide.
Submitting a Request to GaggleAMP: Without a PingOne Account
If you do not have a PingOne account already, and you want to use them as your Single Sign-On provider, you’ll first need to contact GaggleAMP support.
Contact GaggleAMP Support via the GaggleAMP application or email email@example.com. In the message, let’s us know “I would like to enable the PingOne integration for my Gaggle.”
GaggleAMP Support will respond with a special link that you or your IT team can use to configure PingOne inside GaggleAMP.
|Note: If you already have a PingOne admin account, you can skip this step entirely.|
Sign-Up for a PingOne Admin Account
To sign-up for a PingOne account, please visit PingIdentity and request a demo. You will need to work with them directly to secure a PingOne account.
Once you have secured a PingOne account, you will go through account set-up with them. During the account set-up, there will be an email confirmation link sent to your email in which there is a Company ID discosed. Make note of the Company ID.
Sign-in to the PingOne Admin Account
From here, click ‘Add Application' and select ‘New SAML Application.’ Now you will enter your application details. The Application Name and Application Description are required fields. You will also be prompted to add a logo or icon, in which a PNG file is the only acceptable graphics format. Once this information has been entered, click ‘Continue to Next Step.’
On the ‘My Applications’ form, you will need the following values:
Assertion Consumer Service (ACS): https://accounts.gaggleamp.com/auth/saml/callback
Once you have filled out this step, continue to the next step. This will take you to the SSO Attribute Mapping page. From here, you can map the following optional attributes:
Application Attribute: email
Identity Bridge Attribute or Literal Value: email
Check the ‘Required’ checkbox.
Once complete, select ‘Save & Publish.’
Finally, review the application connection information. Following are required to configure PingOne on GaggleAMP. Before you select ‘Finish’ to complete the application set-up, be sure to copy the Single Sign-On (SSO) URL and download the Signing Certificate.
Finally, select ‘Finish.’
Submitting Your PingOne Configuration to GaggleAMP
Using the configuration values noted in the prior section, you will need to visit the special link that GaggleAMP support provided you and enter the request values:
Identity Provider Issuer: https://pingone.com/idp/CompanyID
Uncheck the box for 'Use Identity Provider provided metadata URL
Enter the Identity Provider Single Sign-On URL copied earlier in the installation
Upload the 509 Certificate
If you have questions on how to best integrate GaggleAMP to PingOne, please speak with your Customer Success Manager and we’d be happy to help you out.