Configure Single Sign-On for PingOne in CloudCheckr

In this topic, you will learn how to set up SSO with your PingOne account by configuring:

  • PingOne (the Identity Provider or IdP)
  • CloudCheckr (the Service Provider or SP)

Procedure

If you log in to CloudCheckr at https://eu.cloudcheckr.com, https://au.cloudcheckr.com, https://gov.cloudcheckr.com, or https://fed.cloudcheckr.com, use one of those URLs in place of https://app.cloudcheckr.com in the following steps.
  1. Log in to PingOne using a valid email address as your username.
    CloudCheckr uses this username to create the user in the CloudCheckr application. If the username is not a valid email address, CloudCheckr will send the user an error message.
  2. In your Administration console, go to the Applications tab, click the Add Application button, and select New SAML Application option.

  3. Type CloudCheckr in the App name text field and type CloudCheckr Enterprise in the Application Description text field.

  4. Configure the following SAML settings:
    1. Protocol Version: SAML v 2.0
    2. Assertion Consumer Service (ACS):
      • For iDP-initiated SSO, type https://app.cloudcheckr.com/sso/acs
      • For SP-initiated SSO, type https://mycompanyscloud.mycompany.com/sso/acs
    3. Entity ID:
      • For iDP-initiated SSO, type https://app.cloudcheckr.com
      • For SP-initiated SSO, type https://mycompanyscloud.mycompany.com
    4. Application URL:
      • For iDP-initiated SSO, type https://app.cloudcheckr.com
      • For SP-initiated SSO, type https://mycompanyscloud.mycompany.com
  5. Skip the SSO Attribute Mapping step; no changes are required.
  6. Click Save & Publish.

  7. On the Review Setup page, click the Download to download an XML file that contains the metadata from SAML, which CloudCheckr requires to complete the setup.

  8. Click Finish.

    CloudCheckr is now listed in the My Applications list.

    The user will also see it in their cloud desktop.

Configure in CloudCheckr

Please contact Support directly to ensure your CloudCheckr account is properly configured to allow access via PingOne.

How did we do?