Enable your PingOne users to access Trelica with Single-Sign-On (SSO).
Add Trelica to PingOne
Log in as an administrator to the PingOne console. Open the Applications page and then click Add Application in the My Applications list.
Select Search Application Catalog:
Enter Trelica in the search box, and click Search.
The Trelica SAML application is listed. Click the big arrow to expand the box:
Some summary information is displayed. Click Setup to get started:
A high-level overview of the configuration process is displayed. Scroll down and click Continue to Next Step, as these instructions take you through everything in detail:
The second step ("Connection Configuration") needs the Trelica ACS URL. Open Trelica in a new browser tab, as you will need to switch back to PingOne shortly.
Log in to your Trelica site, and then go to Admin > Settings > Users > SAML providers. Click the Copy icon next to the SAML assertion consumer service (ACS) URL to copy it to the clipboard.
Now go back to PingOne, and in the Connection Configuration tab paste Ctrl + V
the URL into the ACS URL field. It should be something like https://app.trelica.com/Id/Saml2/xxx/Acs:
Scroll down and click Continue to Next Step:
You now need to map PingOne Identity Bridge Attributes to three fields that get passed to Trelica when a SAML connection is made. These may vary depending on the backing directory you have configured for PingOne. The attributes will be those for the user's last name, first name and primary (work) email, but may vary from the attributes shown below:
Once you have finished, click Continue to Next Step.
The fourth step lets you modify the suggested icon, name, description and application category for Trelica. Feel free to change these if you wish, but otherwise you can accept the defaults, and click Continue to Next Step:
The Group Access panel lets you grant PingOne user groups access to the Trelica application. The list of groups will vary depending on your setup, but we recommend adding an administrators group initially for testing purposes, before you go back in and add broader user groups.
When you've chosen the groups you want, click Continue to Next Step.
The final panel confirms all the details you have selected. This panel contains an important piece of information that we need to configure SAML in Trelica, namely the SAML Metadata URL. Scroll down the page to find this, and carefully select the URL in your browser and copy it to the clipboard ( Ctrl + C
or right-click in your browser and choose Copy).
Configure Trelica
Return to the SAML providers settings in Trelica (or re-open Trelica and go to Admin > Settings > Users > SAML providers) and click New. The New SAML Identity Provider dialog is displayed.
Keep PingOne open whilst you do this, as we still need to finalize settings in PingOne once we have finished configuring things in Trelica.
In the Name field enter Ping Identity and set the Metadata type to Metadata from URL.
Paste the SAML Metadata URL that you copied from PingOne into the Metadata URL field:
Click Create.
Finalize configuration in PingOne
Switch back to PingOne, and scroll down the confirmation panel and click Finish:
You should now see the Trelica application marked as Installed in PingOne:
Test the connection
You should have assigned one or more user groups to the Trelica application in PingOne. In order to test the configuration, you need to log in to the PingOne Dock and try connecting to Trelica.
If you're unsure of the PingOne Dock URL you can find it in the Setup > Dock > Configuration page:
Log in to the dock as one of the users to whom you assigned the Trelica application in the PingOne admin console.
You should now see the Trelica application icon. Click the icon to connect to Trelica:
Comments
0 comments
Please sign in to leave a comment.