PingOne

IdP metadata for SAML applications

SAML metadata contains configuration details for single sign-on (SSO), including profile and binding support, connection endpoints, and certificate information. You can provide identity provider (IdP) metadata configuration information to your organization’s application team for configuring the application, as the application acts as the service provider (SP).

You can download the metadata XML file or copy the metadata URL to provide to the application team.

You can also download PingOne SP metadata when connecting PingOne with an external IdP using the SAML protocol and provide it to the external IdP team. Learn more in Downloading metadata for SAML IdPs.

Downloading the IdP metadata XML file

Steps

  1. In the PingOne admin console, go to Applications > Applications and browse or search for the application for which you want to download the IdP metadata.

  2. Click the application entry to open the details panel.

    Result:

    The application details panel opens to the Overview tab.

  3. For SAML applications with Allow Virtual Server IDs enabled, select a virtual server ID in the Display Virtual Server ID list to obtain the relevant metadata.

    Learn more about enabling virtual server IDs in Editing an application - SAML.

  4. If your PingOne environment is:

    • Configured with a custom domain:

      1. Click Download Custom.

        The service URLs in the metadata XML file start with your custom domain.

      2. If you want the application to send requests to the PingOne domain instead:

        1. Click Show PingOne Domain.

        2. Click Download Original.

          The service URLs in the downloaded file start with the PingOne domain.

    • Not configured with a custom domain:

      1. Click Download Metadata.

        The service URLs in the downloaded file start with the PingOne domain.

Copying the IdP metadata URL

  1. In the PingOne admin console, go to Applications > Applications and browse or search for the application for which you want to download the IdP metadata.

  2. Click the application entry to open the details panel.

    Result:

    The application details panel opens to the Overview tab.

  3. For SAML applications with Allow Virtual Server IDs enabled, select a virtual server ID in the Display Virtual Server ID list to obtain the relevant metadata.

    Learn more about enabling virtual server IDs in Editing an application - SAML.

  4. If your PingOne environment is:

    • Configured with a custom domain:

      1. Copy the IDP Metadata URL.

        When the application retrieves the metadata, the service URLs in the response start with your custom domain.

      2. If you want the application to send requests to the PingOne domain instead:

        1. Click Show PingOne Domain.

        2. Copy the IDP Metadata URL.

        When the application retrieves the metadata, the service URLs in the response start with the PingOne domain.

    • Not configured with a custom domain:

      1. Copy the IDP Metadata URL.

        When the application retrieves the metadata, the service URLs in the response start with the PingOne domain.

Result

The file is saved to your local device storage. You can pass the metadata file to the application team to complete the integration.