Configuring PingFederate for SAML-SSO in AppScan Enterprise
You can configure PingFederate, an enterprise federation server, to serve as the Identity Provider (IdP) that authenticates users through the SAML-SSO login method. It lets users log in to applications that are shared between multiple organizational units under a larger organization. This IdP also offers cloud-based SSO capabilities.
Before you begin
- You must be an AppScan Enterprise administrator to configure PingFederate as an IdP for SAML-SSO.
- You must be a PingFederate administrator.
- You must have completed the following tasks:
  - Installed AppScan Enterprise V10.0.2 or later on your system. See Installing AppScan Enterprise.
  - Configured the SAML properties file with the Sign-On URL and SP Entity ID. See Enabling SAML Service Provider.
Procedure
- Open the PingFederate application page by entering the PingFederate URL in a browser.
  The PingFederate login page is displayed.
- Log in to the PingFederate account as an administrator.
  The PingFederate Dashboard page is displayed.
- Click the CONNECTIONS menu.
  The Connections page is displayed.
- Click the Add Application tab.
  A page listing the types of platform-based applications that PingFederate supports for SAML SSO authentication is displayed.
- Hover over the WEB APP link.
  Choose this option because AppScan Enterprise is a web-based application. The Choose Connection Type dialog box is displayed.
- Click Configure for the SAML connection type.
  The Create App Profile page is displayed.
- In the App Name box, enter a unique name to represent the AppScan Enterprise application on the PingFederate page, for example, ASE-SSO.
- Click the Icon thumbnail to browse and select an icon that represents the AppScan Enterprise product logo, if required.
  The product logo or icon you select is displayed in the preview.
- Enter a brief description of the AppScan Enterprise application in the Description box.
- Click Next.
  The Configure SAML Connection page is displayed.
- Enter the ACS URL, Entity ID, and Assertion Validity Duration parameters in the following format:
  - ACS URLs - <ASE url>/api/saml
  - ENTITY ID - <ASE url>/metadata.jsp
  - ASSERTION VALIDITY DURATION (IN SECONDS) - 300
- Click Save and Continue.
  The AppScan Enterprise application configuration is integrated with PingFederate. The Attribute Mappings page is displayed.
- Click Finish. The Attribute Mappings page is displayed.
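
One way to confirm that an assertion issued for this connection carries the three values entered in the procedure, given as an added example that is not part of the AppScan Enterprise or PingFederate documentation. The host name, the sample assertion, and the reading of the validity duration as the time from IssueInstant to the Conditions NotOnOrAfter value are assumptions; the check compares configuration values only and does not verify the assertion signature.

```python
import xml.etree.ElementTree as ET
from datetime import datetime

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
ASE_URL = "https://ase.example.com/ase"  # constructed placeholder for <ASE url>
MAX_VALIDITY = 300  # seconds, the value entered in the procedure

# Constructed, unsigned sample assertion for illustration only.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    IssueInstant="2024-01-01T12:00:00Z">
  <saml:Subject><saml:SubjectConfirmation>
    <saml:SubjectConfirmationData NotOnOrAfter="2024-01-01T12:05:00Z"
        Recipient="https://ase.example.com/ase/api/saml"/>
  </saml:SubjectConfirmation></saml:Subject>
  <saml:Conditions NotBefore="2024-01-01T12:00:00Z" NotOnOrAfter="2024-01-01T12:05:00Z">
    <saml:AudienceRestriction>
      <saml:Audience>https://ase.example.com/ase/metadata.jsp</saml:Audience>
    </saml:AudienceRestriction>
  </saml:Conditions>
</saml:Assertion>"""

def _ts(value):
    # Accepts the UTC "Z" form SAML uses, with or without fractional seconds.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def check_assertion(xml_text, ase_url=ASE_URL, max_validity=MAX_VALIDITY):
    """Return the mismatches between an assertion and the configured values."""
    base = ase_url.rstrip("/")
    root = ET.fromstring(xml_text)
    problems = []
    scd = root.find(".//saml:SubjectConfirmationData", NS)
    if scd is None or scd.get("Recipient") != base + "/api/saml":
        problems.append("Recipient does not match the ACS URL")
    audiences = [a.text.strip() for a in root.findall(".//saml:Audience", NS) if a.text]
    if base + "/metadata.jsp" not in audiences:
        problems.append("Audience does not match the Entity ID")
    cond = root.find("saml:Conditions", NS)
    expires = cond.get("NotOnOrAfter") if cond is not None else None
    issued = root.get("IssueInstant")
    if not issued or not expires:
        problems.append("IssueInstant or Conditions/NotOnOrAfter is missing")
    else:
        lifetime = (_ts(expires) - _ts(issued)).total_seconds()
        if lifetime <= 0 or lifetime > max_validity:
            problems.append(f"assertion lifetime is {lifetime:.0f}s, limit is {max_validity}s")
    return problems

if __name__ == "__main__":
    print(check_assertion(SAMPLE) or "assertion matches the configured values")
```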