# PingFederate

**PingFederate** is a federation server offering identity management, web SSO, and API security. It supports identity standards such as SAML, WS-Federation, OAuth, and OpenID Connect, allowing users to securely access applications with a single identity.

***

## Setting up SSO Using PingFederate

### Step 1: Create an SP Connection in PingFederate

1. Log in to PingFederate.
2. Navigate to **Identity Provider > SP Connections > Create New**.
3. Select **Browser SSO Profiles** on the **Connection Type** page and click **Next**.
4. Select **Browser SSO** on the **Connection Options** page and click **Next**.
5. On the **Import Metadata** tab:
   * Choose **File**.
   * Upload the SSO metadata file.
   * Click **Next**.
6. Provide the following:
   * **Entity ID** (subdomain with https\://)
   * **Connection Name**
   * **Base URL** (SAML Endpoint URL)
   * Click **Next**.
7. Click **Configure Browser SSO**.
8. Select **IdP-Initiated SSO** and **SP-Initiated SSO**, then click **Next**.
9. Enter **Assertion Lifetime**, then click **Next**.
10. Click **Configure Assertion Creation**.
11. Choose **Standard Identity Mapping**, then click **Next**.
12. Configure:
    * **Subject Name Format**: `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`
    * **Attribute Name Format** for Email: `urn:oasis:names:tc:SAML:2.0:attrname-format:basic`
13. Click **Next**.
14. Click **Map New Adapter Instance**.
15. Select an **Adapter Instance**, click **Next**.
16. Select **Mapping Method**.
17. Click **Add Attribute Source**.
18. Enter attribute store details and click **Next**.
19. Configure LDAP Directory Search and click **Next**.
20. Set **Attribute Encoding Type** to **Base64** for Mail.
21. Select appropriate filters.
22. Attribute Contract Fulfillment:
    * **Email**: Source: LDAP, Value: mail
    * **SAML\_SUBJECT**: Source: LDAP, Value: Subject DN
23. Click **Next** and review Attribute Source summary.
24. Leave next screen default settings.
25. Select **SEND USER TO SP USING DEFAULT LIST OF ATTRIBUTES**.
26. Attribute Contract Fulfillment:
    * **Email**: Source: Adapter, Value: mail
    * **SAML\_SUBJECT**: Source: Adapter, Value: username
27. Click through summary and defaults until **Configure Protocol Settings**.
28. Enter protocol settings.
29. Select SAML bindings and set **Artifact lifetime** to 60 seconds.
30. Enter remote party URL: e.g., `https://pg.autorabit.com/saml/SSO`
31. Select **Always Sign Assertion**, set encryption policy to **None**, then click **Next**.
32. Complete remaining steps, keeping default values unless specified.
33. Under **Configure Credentials**, select:
    * **HTTP BASIC**
    * **Validate partner SSL certificate**
34. Provide **Username** and **Password** for SOAP authentication.
35. Repeat for **Receive from your partner** section with similar settings.
36. Choose signing key/certificates.
37. Complete SP connection configuration and export metadata XML:
    * **Identity Provider > Manage All > Select Action > Export Metadata**

***

### Step 2: Configure SSO in AutoRABIT

1. Log in to AutoRABIT.
2. Navigate to **Admin > My Account**.
3. Scroll to the **SSO Configuration** section.
4. Upload the previously downloaded metadata XML.
5. Log out, return to the login page, and click **Single Sign On**.
6. Enter domain and click **Go**.
7. You’ll be redirected to your domain's SSO login screen. Enter PingFederate credentials.

***

Once completed, users will authenticate via PingFederate to access AutoRABIT through secure, federated SSO.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://knowledgebase.autorabit.com/product-guides/arm-1/integration-and-plugins/sso/sso-for-pingfederate.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.