Configure Single Sign-On for PingOne in CloudCheckr CMx
In this topic, you will learn how to set up Single Sign-On (SSO) with your PingOne account in CloudCheckr CMx by configuring:
- PingOne (the Identity Provider or IdP)
- CloudCheckr CMx (the Service Provider or SP)
You must be an enterprise customer to use IdP-initiated SSO.
- Create a support ticket in the CloudCheckr Service Desk Portal that indicates you need to set up SAML.
- A CloudCheckr Support engineer will:
- walk you through how to generate SAML IdP metadata through your SSO provider
- validate that the authentication process is working in your environment successfully
- In your Administration console, go to the Applications tab, click the Add Application button, and select New SAML Application option.
- Type CloudCheckr CMx in the App name text field and type CloudCheckr CMx Cloud Management Platform in the Application Description text field.
- Configure the following SAML settings:
- Protocol Version: SAML v 2.0
- Assertion Consumer Service (ACS):
- For iDP-initiated SSO, type https://auth-us.cloudcheckr.com/auth/sso/saml2/Acs
- For SP-initiated SSO, type https://auth.mycompanycloud.com/auth/sso/saml2/Acs
- Entity ID:
- For iDP-initiated SSO, type https://auth-us.cloudcheckr.com/auth
- For SP-initiated SSO, type https://auth-us.cloudcheckr.com/auth
- Skip the SSO Attribute Mapping step; no changes are required.
- Click Save & Publish.
- On the Review Setup page, click the Download to download an XML file that contains the metadata from SAML, which CloudCheckr requires to complete the setup.
- Click Finish. CloudCheckr CMx is now listed in the My Applications list. The user will also see it in their CloudDesktop.
- Please contact Support directly to ensure your CloudCheckr CMx account is properly configured to allow access via PingOne.