Set up PingIdentity as your IdP - Amazon WorkSpaces Web

Set up PingIdentity as your IdP

The following steps describe how to set up PingIdentity to use with WorkSpaces Web. You must have PingIdentity set up in order to proceed.

To set up PingIdentity as your IdP

  1. Set up an environment. (Skip this step if you want to use the Administrator environment for SAML integration.)

    1. From the Okta console, choose Add Environment, Customer Solution, Next, and then Next.

    2. For your license’s deployment options, enter the Environment Name, and select the Generate sample populations and users in this environment checkbox.

    3. Choose Finish.

  2. In another tab, from the WorkSpaces Web console, follow steps 1-3 of Step 1: Create a web portal to download the service provider metadata file. Keep this tab open.

  3. Set up SAML for your PingIdentity customer environment.

    1. From the PingIdentity homepage, select the environment you want to set up SAML on.

    2. From the left-hand navigation menu, choose Connections.

    3. In the top-right corner, choose Add application.

    4. Under Select an application type, select the first option for web application and choose Configure for the SAML connection type.

    5. Enter an Application Name and choose Next.

    6. On Configure SAML Connection, choose Choose File and select the SP SAML metadata that you downloaded in step 2.

    7. View the values and, for ASSERTION VALIDITY DURATION (IN SECONDS), enter how long a user can stay logged in, in seconds.

    8. Choose Save and Continue, and then choose Save and Close.

  4. Retrieve Ping Application’s IdP metadata and upload it to WorkSpaces Web.

    1. Navigate to your environment and choose Connections and Applications.

    2. Expand your application info and choose Configuration.

    3. Under Connection Details, choose the Download button to download the IdP metadata.

    4. In the other tab, from the WorkSpaces Web console, follow step 5 and the remaining steps of Step 1: Create a web portal to upload the IdP metadata file from Ping and finish creating your web portal.

  5. Add a test user.

    1. From the PingIdentity console, choose Identities, Add User, fill in the fields, and choose Save.

    2. The user will be assigned to a Population that you automatically generated or a pre-existing population. If you don’t have a population, choose Population and create one.

    3. Choose Reset Password, Generate Password, and choose the eye button to view the password. Copy the password for validation later and choose Save.

  6. Validate.

    1. If you want to restrict users of the WorkSpaces Web application to a certain group, select groups to grant access to under the Ping Application’s Access tab.

    2. To activate the Ping Application for User Access, navigate to your environment and choose Connections and Applications.

    3. Between the Application name and Avg daily sign-ons, toggle the application to Enabled for user access.

    4. Follow the steps in Step 2: Test the endpoint to validate setup.