Skip to main content
SAML SSO to Salto with PingIdentity

Steps to take to enable SAML SSO connection with Salto SP using PingIdentity as IdP

Support avatar
Written by Support
Updated over 6 months ago

SSO is an Enterprise feature - If you are not an Enterprise customer, please contact support@salto.io

In order to establish a SAML-based SSO with Salto, where the Identity Provider is PingIdentity, you need to follow these steps in your PingOne management:

  1. Obtain a unique Connection Name from Salto (via Support or your Customer Success rep), that will be used to identify your connections (usually hyphenated domain name, e.g. my.domain.commy-domain-com).

  2. Go to ApplicationsAdd ApplicationSAML Application

    1. Enter a name (e.g. "Salto")

  3. Continue to ConfigureManually Enter

    • ACS URL: https://auth.salto.io/login/callback?connection=REPLACE_ME

    • Entity ID: urn:auth0:salto:REPLACE_ME

    • The REPLACE_ME should be replaced with the unique Connection Name from the first step

  4. Save and Enable the connection

  5. Attribute Mappings → add mappings as follows:

  6. ConfigurationCopy IDP Metadata URL and send to Salto

Let us know also the full list of domains where your users will be logging in from (e.g. myorg.com, myorg.co.uk, etc.)

If you have partners that are going to work on your Salto account, we strongly recommend creating dedicated email addresses for them on your domain or sub-domain (e.g. partners.myorg.com)

Did this answer your question?