This page describes how to configure SAML Single Sign-On (SSO) for Telerivet using Ping Identity as the Identity Provider.
Before completing these steps, the SAML Single Sign-On feature must be enabled for your account. Contact support@telerivet.com to request this feature.
- Log in to the Telerivet dashboard as an account with the "Organization administrator" role.
- Click Account, then click Organization Settings.
- Under Allowed Login Methods, click “Configure” next to SAML Single Sign-On.
- Leave all fields blank for now, enter your Telerivet password at the bottom and click “Save changes”.
- Click the Application Logo and download it to your computer.
- Open another browser window/tab and log in to your Ping Identity admin dashboard with an Ping Identity administrator account.
- In Ping Identity, click "Applications" > "Applications"
- Click "+" to add a new Application
- For the Application Name, enter "Telerivet"
- Upload the Telerivet logo that you previously downloaded as the Icon.
- Select "SAML Application" for the Application Type and click Configure.
- Under "SAML Configuration", click "Manually Enter"
- From the "SAML Single Sign-On Settings" page in Telerivet, copy the "Service Provider Assertion Consumer Service URL" URL and paste it into the "ACS URLs" field in Ping Identity.
- From the "SAML Single Sign-On Settings" page in Telerivet, copy the "Service Provider Entity ID (Audience URI)" URL and paste it into the "Entity ID" field in Ping Identity.
- Click "Save".
- Click the Attribute Mappings tab, then click the Edit (pencil) icon
- Under PingOne Mappings, select Email Address, then click "Save".
- Click the "Overview" tab
- From the "SAML Single Sign-On Settings" page in Telerivet, click "Edit Settings".
- Copy the "Issuer ID" in Ping Identity and paste it to the "Identity Provider Entity ID (Issuer URI)" in Telerivet
- Copy the "Initiate Single Sign-On URL" in Ping Identity and paste it to the "Identity Provider Single Sign-On URL (SAML 2.0 Endpoint)" in Telerivet
- Copy the "Single Logout Service" in Ping Identity and paste it to the "Identity Provider Single Log-Out URL" in Telerivet
- Click "Download Signing Certificate" in Ping Identity and select X509 PEM (.crt).
- Copy the "X.509 Certificate" in Ping Identity and paste it to the "Identity Provider Certificate" in Telerivet
- In Telerivet, under "Identity Provider Certificate", select the certificate file you just downloaded.
- Enter your password in Telerivet and click "Save changes".
- In Ping Identity, click the on/off switch to enable the Telerivet application.
- In Ping Identity, use the Access tab to assign groups or users that should have access to Telerivet via the SAML SSO integration.
Note: Each user will need to be granted access via the Ping Identity “Access” tab as well as via Telerivet’s User Accounts page in order to have access to Telerivet via Single Sign-On.
When Single Sign-On is enabled via Ping Identity, users can access Telerivet in either of the following ways:
- Log into the Ping Identity Application Portal and click the Telerivet link/logo
- Go to https://telerivet.com/dashboard . If not logged in already, click the “SAML” button and enter your email address.
Comments
0 comments
Please sign in to leave a comment.