Configuring Values for Pingfederate for SSO

Copy

• Copy for LLM

  Copy page as Markdown for LLMs
• View as Markdown

  Open this page as Markdown
• Open in ChatGPT

  Get insights from ChatGPT
• Open in Claude

  Get insights from Claude
• Connect to Cursor

  Install MCP server on Cursor
• Connect to VS Code

  Install MCP server on VS Code

You can configure values for PingFederate in Identity Federation in TD Console. You must first configure a PingFederate application.

• Limitations
• Configuring Your Values for PingFederate
• Add New User to PingFederate in Identity Federation
• Add Existing User to PingFederate in Identity Federation

Limitations

Implementing Identity Federation will disable account users who currently sign-in to TD Console using Google SSO.

Configuring Your Values for PingFederate

1. Open TD Console.

2. Select the Control Panel.

3. Select Sign-in Settings.

4. 

The following fields are pre-populated:

• Account Name

• Entity ID

5. Select the Edit tool. The Edit Identity Federation dialog opens.

6. Select PingFederate as the Identity Provider Name.

7. You can configure Identity Federation with one of the following methods:

   1. Uploading a metadata XML file

   2. Configuring the fields manually with an X.509 certificate .crt file, a sign-in URL, and a sign-out URL.

This information is available to be downloaded by you when you configure your connection on PingFederate.

Upload a Metafile
Drag or Browse for the XML metafile downloaded from PingFederate.

Configure the Fields Manually
Enter the PingFederate information in the following fields.

• Sign-in Endpoint URL : The IdP URL that the user uses to sign into Treasure Data. Obtained from your IdP.

• Certificate File: Privacy Enhanced Mail Certificate file. Upload the .pem generated certificate from the IdP to validate the SAML response from the IdP to Treasure Data. Obtained from your IdP during set up.

8. Select Save.

9. Your configuration looks like the following:

Add New User to PingFederate in Identity Federation

1. After Identity Federation has been configured, navigate to Control Panel > Users.

2. Select Add User from the Action menu in the upper right corner.

3. The Add User dialog opens. Type in the user’s email address. Select PingFederate from the Sign-in Method dropdown. Select Same as email address as the Unique Identifier. Select Add.

4. On the Sign-In Settings page, select Copy Console Sign-in URL.

5. This URL directs enrolled TD users to the correct sign-in page.

Add Existing User to PingFederate in Identity Federation

1. After Identity Federation has been configured, navigate to Control Panel > Users.

2. Select the User you want to authenticate using the PingFederate SSO.

3. Select the edit pencil under Details.

4. The Personal Info dialog opens. Select PingFederate from the Sign-in Method dropdown. Select Save.

5. On the Sign-In Settings page, select Copy Console Sign-in URL.

6. This URL directs enrolled TD users to the correct sign-in page.