All Collections
SupplyPike
Frequently Asked Questions
Enterprise SSO - PingFederate SAML
Enterprise SSO - PingFederate SAML

Learn how to set up PingFederate as your SupplyPike IdP

Support avatar
Written by Support
Updated over a week ago

Plan: Enterprise

To configure your PingFederate server as an IdP for SupplyPike, refer to the configuration values below.

  • EntityID: urn:auth0:supplypike:{connectionName}

  • Assertion Consumer Service URL: https://auth.supplypike.com/login/callback

  • Logout URL: https://auth.supplypike.com/logout

  • HTTP-Redirect binding for SAML Request

  • HTTP-POST binding for SAML Response

{connectionName} below will be provided to you by your SupplyPike support rep.

  1. Download metadata file from https://auth.supplypike.com/samlp/metadata?connection={connectionName}. You will upload this file to import information into the PingFederate configuration.

  2. Sign on to your PingFederated account and select Create New from the SP Connections section.

  3. Configure the SP Connection.

    • Select the Browser SSO Profiles as the Connection Type.

    • Select Browser SSO as the Connection Options.

  4. Upload the metadata file that you downloaded in step 1. The Entity ID, Connection Name, and the Base URL will be automatically populated based on the information from the metadata file.

  5. Configure Browser SSO.

    • Select SP-Initiated SSO and SP-Initiated SLO in SAML Profiles.

    • Go to the Assertion Creation section and click Configure Assertion. Accept all defaults for the next two screens.

  6. Go to the IdP Adapter Mapping section. This is where users will be authenticated. Likely, you already have one configured in your PingFederate installation. Select one, or add a new one. SupplyPike only requires the NameIdentifier claim. All other attributes will be passed further to the end application.

  7. Configure Protocol Settings. Values for Protocol Settings are imported from the metadata file. Next, you will see the Assertion Consumer Service URL and the Sign-Out URLs. Click Next to the Allowable SAML Bindings section.

  8. Leave POST and Redirect enabled. Make sure SAML Assertion is always signed.

  9. Configure Credentials. On Digital Signature Settings, select your signing certificate and make sure you check the option to include it in the <KeyInfo> element.

  10. Configure the certificate used to sign incoming requests. You can download the SupplyPike certificate (use https://auth.supplypike.com/pem) and upload it here.

  11. Review your settings and set them as Active or Inactive.

  12. Click Save at the bottom of the screen. You should see the new SP Connection on the Main screen.

Did this answer your question?