Using Fortanix Data Security Manager with Ping Identity

1.0 Introduction

This article describes how to integrate Fortanix-Data-Security-Manager (DSM) with Ping Identity using SAML configuration.

It also contains the information that a user requires to:

• Configure Single Sign-On (SSO) mapping details in Ping Identity.

• Configure group access in Ping Identity.

• Perform SSO SAML authentication with Ping Identity in Fortanix DSM.

2.0 Prerequisites

Ensure the following:

• An account on Fortanix DSM. For more information on how to create an account, refer to the User's Guide: Getting Started with Fortanix Data Security Manager - UI.

• Ping Identity is installed and pre-configured on the system.

3.0 Configure Ping Identity SSO

Perform the following steps to add Fortanix DSM as an SAML application in Ping Identity:

1. Log in to the Ping Identity admin page using the URL: https://admin.pingone.com/web-portal/login.

   

2. Navigate to APPLICATIONS → My Applications → SAML tab for configuring a SAML application.

3. Click the Add Application drop down and select New SAML Application to create a new SAML application.

   

4. In the Application Details section, enter the Application Name, Application Description, Category and update the Graphics icon as per your organization.  

   

5. Click Continue to Next Step to go to the Application Configuration section and update the following information:

   • Assertion Consumer Service (ACS): https://<FORTANIX_DSM_URL>/saml

   • Entity ID: https://<FORTANIX_DSM_URL>/saml/metadata.xml

   • Application URL: https://<FORTANIX_DSM_URL>

   

6. Click Continue to Next Step to configure the SSO Attribute Mapping section.

7. If you do not have any SSO Attribute Mapping, then click Continue to Next Step to configure Group Access.

   

8. In the Group Access section, click Add to add the group access for Domain Administrators and Users in the directory.  

   

   Click Remove if you want to delete the Domain Administrator or User.

   

9. Review the setup and click the Download link to download the SAML Metadata and click Finish.

   

10. Once done, you will be able to find the Fortanix application in the My Applications tab.  

    

4.0 Configure PingOne SSO in Fortanix DSM

Perform the following steps to integrate Fortanix DSM with PingOne using SAML configuration:

1. Log in to the Fortanix DSM using URL: https://<FORTANIX_DSM_URL>/.

2. In the Fortanix DSM user interface (UI), navigate to Settings → AUTHENTICATION tab, and select SINGLE SIGN-ON as the authentication method.

3. Click ADD SAML INTEGRATION to add a new SAML integration.

   

4. On the Add SAML Integration page, do the following:

   • Click UPLOAD A FILE to browse and upload the SAML file downloaded in Step 8 of Section 3.0: Configure Ping Identity SSO.

     

   • In the SSO Title field, customize the SSO by adding a name in the SSO Title field and a URL for the logo image in the Logo URL field.

   • Click ADD INTEGRATION.

   

5. After successfully integrating Ping Identity SSO, Fortanix DSM displays the configured SSO as shown below:

   

5.0 Test the Integration

Perform the following steps to verify the SSO integration:

1. Log out of Fortanix DSM to sign in using SSO.  

2. On the Fortanix DSM Login screen, click the LOG IN WITH PINGONE SSO to log in using the newly added SSO configuration.

   

3. You will now be automatically logged in to Fortanix DSM and reach the Fortanix DSM accounts page.

   NOTE

   Ensure that the users logging in to the Fortanix DSM are a part of the Users list in Ping Identity. A user can log in to Fortanix DSM using Ping Identity SSO only if their name exists in the Ping Identity user directory.