PingOne Cloud (Enterprise)

The PingOne Cloud for Enterprise suite provides single sign-on (SSO) and identity management for cloud-based applications.

The following sections provide prerequisites, resources, and instructions for integrating with SaaS Management.

Stored Information for PingOne Cloud (Enterprise)
Required Minimum Permissions for PingOne Cloud (Enterprise)
Authentication Method for PingOne Cloud (Enterprise)
Required Credentials for PingOne Cloud (Enterprise)
Integrating PingOne Cloud (Enterprise) With SaaS Management
API Endpoints for PingOne Cloud (Enterprise)

Stored Information for PingOne Cloud (Enterprise)

The following table describes the available integration tasks and stored data.

Available Integration Tasks

Information Stored

Application Roster

User ID
Email
First Name
Last Name
Active Date

Application Access

User ID
Occurred (Last Login)

Application Discovery

Application ID
Application Name

SSO Application Roster

User ID
Email
First Name
Last Name
SSO Name
SSO Application ID

Note:The SSO Name is the name of the application managed by the SSO provider.

SSO Application Access

User ID
Occurred
SSO Name
SSO Display Name
SSO Application ID

Note:the following:

The SSO Name is the name of the application managed by the SSO provider.
The SSO Display Name is the display name of the application managed by the SSO provider.
Depending on the application, the SSO Name and SSO Display Name may appear the same or different. Therefore, both names are stored in SaaS Management.

Note:The information stored is subject to change as enhancements are made to the SaaS application.

Required Minimum Permissions for PingOne Cloud (Enterprise)

Global Administrator is required to generate or renew an API key. For more information, see PingIdentity’s documentation topic: View or Renew Directory API Credentials.

Authentication Method for PingOne Cloud (Enterprise)

Basic

Required Credentials for PingOne Cloud (Enterprise)

Client ID
API Key
Account Username
Account Password
Region
Poll Subscription ID

Integrating PingOne Cloud (Enterprise) With SaaS Management

Complete the following steps to integrate PingOne Cloud (Enterprise) with SaaS Management.

To integrate PingOne Cloud (Enterprise) with SaaS Management:

1. Sign in to the PingOne admin portal with your PingOne Account Username and Account Password.
2. To obtain your API credentials (Client ID and API Key), go to Setup and select Directory Settings > API Credentials.
3. To add a poll subscription, go to Dashboard and select Reporting > Subscriptions.
4. In the Subscriptions tab, click Add Subscription and enter the following.
a. Enter a Subscription Name.
b. For Type, enter SSO.
c. For Subscription Type, enter Poll.
d. For Batch Size, enter 1000 (maximum value).
e. Click Done.
5. Select the poll subscription you have added and click the expand icon on the right to display the details.
6. Copy the Poll URL to obtain the Poll Subscription ID.

Example Poll URL: https://admin-api.pingone.com/v3/reports/d71ffd5b-97aa-47fb-b741-a9fa350dca71/poll-subscriptions/271ec0c3-f707-4e0f-9249-4bca0dcf8cac/events

The Poll Subscription ID is the value that follows poll-subscriptions in the Poll URL. For our example, the value is 271ec0c3-f707-4e0f-9249-4bca0dcf8cac 

For more information, see PingIdentity’s community topic: PingOne Poll Subscription for SSO Audit Reports Without Admin Credentials 

7. In SaaS Management, add the PingOne application. For more information, see Adding an Application.

Note:For the integration task SSO Application Access:

Audit events are kept for 7 days and then discarded.
The API is read only one time. After audit events are consumed, they cannot be retrieved again.
8. Copy and paste the following PingOne information in SaaS Management.
API Key
Client ID
Poll Subscription ID
9. Click Authorize.

Tip:After the Application Discovery integration task has been enabled after 24 hours, you can add the discovered SSO enabled applications to your list of Managed SaaS Applications. For details, see Adding Discovered SSO Enabled Applications to Your List of Managed SaaS Applications.

API Endpoints for PingOne Cloud (Enterprise)

Application Roster and Application Access

https://directory-api.pingone.com/api/directory/user

Application Discovery

https://admin-api.pingone.com/v3/applications/templates/available/<Account ID>

Note:Account ID is the same as Client ID.

SSO Application Roster

https://directory-api.pingone.com/api/directory/user

 

https://admin-api.pingone.com/v3/reports/<Account ID>/poll-subscriptions/<Poll Subscription ID>/events

SSO Application Access

https://admin-api.pingone.com/v3/reports/<Account ID>/poll-subscriptions/<Poll Subscription ID>/events