SSO is an Enterprise feature - If you are not an Enterprise customer, please contact support@salto.io
In order to establish a SAML-based SSO with Salto, where the Identity Provider is PingIdentity, you need to follow these steps in your PingOne management:
Obtain a unique Connection Name from Salto (via Support or your Customer Success rep), that will be used to identify your connections (usually hyphenated domain name, e.g.
my.domain.com→my-domain-com).Go to Applications → Add Application → SAML Application
Enter a name (e.g. "Salto")
For icon, you can use this: https://salto-static.com/images/small-salto-logo.png
Continue to Configure → Manually Enter
ACS URL:
https://auth.salto.io/login/callback?connection=REPLACE_MEEntity ID:
urn:auth0:salto:REPLACE_METhe
REPLACE_MEshould be replaced with the unique Connection Name from the first step
Save and Enable the connection
Attribute Mappings → add mappings as follows:
Configuration → Copy IDP Metadata URL and send to Salto
Let us know also the full list of domains where your users will be logging in from (e.g. myorg.com, myorg.co.uk, etc.)
If you have partners that are going to work on your Salto account, we strongly recommend creating dedicated email addresses for them on your domain or sub-domain (e.g. partners.myorg.com)