PingOne Cloud (Enterprise)
The PingOne Cloud for Enterprise suite provides single sign-on (SSO) and identity management for cloud-based applications.
The following sections explain prerequisites, resources, and instructions for integrating with SaaS Management.
Stored Information for PingOne Cloud (Enterprise)
The following table describes the available integration tasks and stored data within [ProductName].
|
|
|
|
Application Roster
|
|
|
Application Access
|
|
|
Application Discovery
|
|
|
SSO Application Roster
|
Note:The SSO Name is the name of the application managed by the SSO provider.
|
|
SSO Application Access
|
Note:the following:
|
•
|
The SSO Name is the name of the application managed by the SSO provider. |
|
•
|
The SSO Display Name is the display name of the application managed by the SSO provider. |
|
•
|
Depending on the application, the SSO Name and SSO Display Name may appear the same or different. Therefore, both names are stored in SaaS Management. |
|
Note:The information stored is subject to change as enhancements are made to the SaaS application.
Required Minimum Permissions for PingOne Cloud (Enterprise)
Global Administrator access is required to generate or renew an API key. For more information, see PingIdentity’s documentation topic, View or Renew Directory API Credentials.
Authentication Method for PingOne Cloud (Enterprise)
The Basic authentication method is required.
Required Credentials for PingOne Cloud (Enterprise)
The following credentials are required:
Integrating PingOne Cloud (Enterprise) With SaaS Management
Complete the following steps to integrate PingOne Cloud (Enterprise) with SaaS Management.
To integrate PingOne Cloud (Enterprise) with SaaS Management:
|
1.
|
Sign in to the PingOne admin portal with your PingOne Account Username and Account Password. |
|
2.
|
To obtain your API credentials (Client ID and API Key), go to Setup and select Directory Settings > API Credentials. |
|
3.
|
To add a poll subscription, go to Dashboard and select Reporting > Subscriptions. |
|
4.
|
In the Subscriptions tab, click Add Subscription and enter the following. |
|
a.
|
Enter a Subscription Name. |
|
c.
|
For Subscription Type, enter Poll. |
|
d.
|
For Batch Size, enter 1000 (maximum value). |
|
5.
|
Select the poll subscription you have added and click the expand icon on the right to display the details. |
|
6.
|
Copy the Poll URL to obtain the Poll Subscription ID. |
Example Poll URL: https://admin-api.pingone.com/v3/reports/d71ffd5b-97aa-47fb-b741-a9fa350dca71/poll-subscriptions/271ec0c3-f707-4e0f-9249-4bca0dcf8cac/events
The Poll Subscription ID is the value that follows poll-subscriptions in the Poll URL. For our example, the value is 271ec0c3-f707-4e0f-9249-4bca0dcf8cac
For more information, see PingIdentity’s community topic: PingOne Poll Subscription for SSO Audit Reports Without Admin Credentials
Note:For the integration task SSO Application Access:
|
•
|
Audit events are kept for 7 days and then discarded. |
|
•
|
The API is read only one time. After audit events are consumed, they cannot be retrieved again. |
|
8.
|
Copy and paste the following PingOne information in SaaS Management. |
Tip:After the Application Discovery integration task has been enabled after 24 hours, you can add the discovered SSO enabled applications to your list of Managed SaaS Applications. For more information, see Adding Discovered SSO Enabled Applications to Your List of Managed SaaS Applications.
API Endpoints for PingOne Cloud (Enterprise)
Application Roster and Application Access
https://directory-api.pingone.com/api/directory/user
Application Discovery
https://admin-api.pingone.com/v3/applications/templates/available/<Account ID>
Note:Account ID is the same as Client ID.
SSO Application Roster
https://directory-api.pingone.com/api/directory/user
https://admin-api.pingone.com/v3/reports/<Account ID>/poll-subscriptions/<Poll Subscription ID>/events
SSO Application Access
https://admin-api.pingone.com/v3/reports/<Account ID>/poll-subscriptions/<Poll Subscription ID>/events