Configuring Values for Pingone for Enterprise SSO
Copy for LLM
Copy page as Markdown for LLMs
View as Markdown
Open this page as Markdown
Open in ChatGPT
Get insights from ChatGPT
Open in Claude
Get insights from Claude
Connect to Cursor
Install MCP server on Cursor
Connect to VS Code
Install MCP server on VS Code

You can configure values for PingOne for Enterprise in Identity Federation in TD Console. You must first configure a PingOne application.

Limitations

Implementing Identity Federation will disable account users who currently sign-in to TD Console using Google SSO.

The following fields are pre-populated:

You can configure Identity Federation with one of the following methods:
1. Uploading a metadata XML file
2. Configuring the fields manually with an X.509 certificate .crt file, a sign-in URL, and a sign-out URL.

This information is available to be downloaded by you when you configure your connection on PingOne for Enterprise.

Upload a Metafile
Drag or Browse for the XML metafile downloaded from PingOne.

Configuring Manually
Enter the PingOne information in the following fields.

Sign-in Endpoint URL : The IdP URL that the user uses to sign into Treasure Data. Obtained from your IdP.
Sign-out Endpoint URL : The IdP URL that the user is in when they sign-out of Treasure Data. Obtained from your IdP.
Certificate File: Privacy Enhanced Mail Certificate file. Upload the .pem generated certificate from the IdP to validate the SAML response from the IdP to Treasure Data. Obtained from your IdP during set up.

After Identity Federation has been configured, navigate to Control Panel > Users.

2. Select Add User from the Action menu in the upper right corner.

The Add User dialog opens. Type in the user’s email address. Select PingOne for Enterprise from the Sign-in Method dropdown. Select Same as email address as the Unique Identifier. Select Add.

4. On the Sign-In Settings page, select Copy Console Sign-in URL.