Skip to main content

SSO integration with PingFederate using SAML

Looking for PingFederate OAuth instead?

This reference covers PingFederate as a SAML identity provider for logging into Atlan. For PingFederate as an OAuth identity provider for querying Snowflake from Atlan Insights, see SSO integration with PingFederate using OAuth.

If you have PingFederate as your IdP and are trying to integrate the SAML-based IdP using the metadata supplied from the page, you can use the following SAML assertion URL:

  • For identity provider initiated (IdP-initiated) SSO: https://{{instance}}/auth/realms/default/broker/{{alias}}/endpoint/clients/atlan-saml
  • For service provider initiated (SP-initiated) SSO: https://{{instance}}/auth/realms/default/broker/{{alias}}/endpoint

To use both IdP- and SP-initiated SSO, add both the URLs provided.

If you encounter an Invalid signature error, verify that the certificate in the XML metadata file is of the SHA-256 or SHA-512 type.