Ping Identity SAML SSO Integration

This guide explains how to integrate Fiddler with an existing Ping Identity SSO application using SAML.

Ping Identity Setup

Create a new SAML integration application with following properties:

ACS URL: https://<deployment_name>/api/sso/ping/callback
Entity ID: https://<deployment_name>/
Set Signing property to Sign Assertion and Response .

Once the setup is complete, download the certificate file.

Deployment Instructions

Create a <secret_filename>.yaml file using the following template.

You'll find the values in the Ping application's configuration.

apiVersion: v1
kind: Secret
metadata:
    name: fiddler-sso-ping-credentials
    namespace: <NAMESPACE_NAME>
data:
    # Value of Single Sign-On Service when viewing the configuration of the application 
    sso-ping-entry-point: <PING_ENTRY_POINT> 
    # Value of entity ID
    sso-ping-entity-id: <PING_ENTITY_ID> 
    # Download .crt file from the application configuration
    sso-ping-cert: <PING_CERTIFICATE> 
type: Opaque

All the values must be base64 encoded.

On Mac OS X, you can run echo -n "string to be encoded" | base64 to get the encoded value.

Do not use double quotes anywhere in the values.

Update the Kubernetes secret in the namespace of the cluster using the above file.

kubectl apply -f <secret_filename>.yaml -n fiddler

Update the Helm variables below.

fiddler:
    auth:
        sso:
            provider: ping
        ping:
            secretName: fiddler-sso-ping-credentials

Once the deployments are updated, the new SSO settings will be applied.

PreviousSSO with Azure AD NextMapping LDAP Groups & Users to Fiddler Teams

Last updated 22 hours ago

Was this helpful?