Using PingOne with Central
How to integrate Central with PingOne.
A live IdP environment must be configured before implementing federated authentication for Central.
See PingOne's Support Site.
Set up Common Login Service as an application
The Identity Provider must be configured to trust the Common Login Service (CLS) as a Service Provider. CLS is GoTo's own shared authentication service that provides single login experience for GoTo products and services on every platform.
You must add CLS as an application in Ping Identity to allow a trust relationship to be established between your network and the host.
- Log into your Ping Identity account at https://admin.pingone.com/web-portal/login.
- On the Applications tab, go to My Applications and select Add Application.
- Input all data in the Application Details wizard.
Option Description Field Input or Action Application Name Enter a unique name for CLS Application Description Enter a description for CLS (optional) Graphics Upload a logo for the CLS application (optional)
- Click Continue to Next Step.
The Application Configuration screen is displayed.
Configure CLS connection
From PingOne's Application Configuration screen the CLS connection must be configured
- Select the I have the SAML configuration option.
- Input all data in the Application Configuration wizard as shown in the table below. If not specified, leave the other configuration fields empty.
Field Input Protocol Version SAML v2.0 Assertion Consumer Service (ACS) https://accounts.logme.in/federated/saml2.aspx?returnurl=https%3A%2F%2Fsecure.LogMeIn.com%2Ffederated%2Floginsso.aspx Entity ID https://accounts.logme.in/Important: Must be unique across all applications. Application URL https://accounts.logme.in/
- Click Continue to Next Step.
The SSO Attribute Mapping screen is displayed.
Configure CLS attributes
From the SSO Attribute Mapping screen, a unique identifier attribute must be configured. The identifier represents the shared identifier between the IdP and the host, allowing users to access services.
- Add the following attributes in the SSO Attribute Mapping wizard by clicking Add new attribute. Leave the As Literal and Required options unchecked.
Application Attribute Identity Bridge Attribute or Literal Value Email Address FirstName First Name LastName Last Name
- Once all attributes are added, click Save & Publish.
The Review Setup screen is displayed.
Provide Information to GoTo
Once the IdP configuration is complete, you must provide the information to GoTo.
If you do not have an account representative, contact support.
- On the Review Setup screen, download the following files and send them to your GoTo representative.
Information Instructions Certificate The X.509 certificate used to encrypt and sign SAML 2.0 assertions. SAML Metadata The metadata document describing the endpoint addresses for communication.
Once your GoTo representative has configured the SAML 2.0 connection using the information provided, your users gain access to the appropriate account and permissions via the IdP as the authentication source. It may take up to 30 minutes for the SSO service to be established for the first time.Tip: To test the service, go to the CLS application on the Connections page at https://admin.pingone.com/web-portal/.