Sleuth Documentation
HomeBlogSupportSign up
  • Getting started
  • Navigating Sleuth
  • DORA metrics
    • Deploy frequency
    • Change lead time
    • Change failure rate
    • MTTR
    • Interpreting Metrics in Sleuth
  • Deployment tracking
    • Organization
      • Labels
      • Trends
      • Compare
      • Search
      • Status
    • Projects
      • Issue trackers
    • Environments
    • Code deployments
      • Creating a deployment
      • How to register a deploy
      • Rollbacks
      • Automatic tagging
      • Deployment locking
      • Environment drift
      • Move code deployments
      • Search everything
    • Feature flags
    • Manual changes
    • Deploys
    • Teams
  • Work in Progress
  • Goals
  • Sleuth Automations
    • Automations Marketplace
      • Installing Automations
        • Installing PR "Update" Automations
      • Editing and uninstalling Automations
      • Smart suggestions
      • Understanding efficacy
    • Custom Automations
      • Automations Cookbook
      • Webhook Actions
      • Trigger Build Actions
        • Bitbucket Pipelines
        • CircleCI
        • Github Actions
        • Jenkins
  • Slack & Email Notifications
  • Auto-verify deploys
    • Anomaly detection
    • Error impact
    • Metric impact
  • Ignoring pull requests
  • Slack mission control
    • Approvals
    • Project notifications
    • Personal notifications
    • Search Sleuth in Slack
    • Project/Deployment history
    • Developer standup
  • Sleuth API
    • Deploy Registration
    • Deploy import
    • Manual Change
    • Custom Incident Impact Registration
    • Custom Metric Impact Registration
    • Deprecation information
    • GraphQL Queries
    • GraphQL Mutations
    • Query batching
  • Integrations
    • About Integrations...
    • Code integrations (read-only)
      • Azure DevOps
      • Bitbucket
      • GitHub
      • GitLab
      • Custom Git
      • Terraform Cloud
    • Code integrations (write)
    • Feature flag integrations
      • LaunchDarkly
    • Impact integrations
      • Error trackers
        • Bugsnag
        • Honeybadger
        • Rollbar
        • Sentry
      • Metric trackers
        • AppDynamics
        • AWS CloudWatch
        • Custom
        • Datadog
        • Jira metrics (Cloud / Data Center)
        • NewRelic
        • SignalFx
      • Incident tracker integrations
        • Blameless
        • PagerDuty
        • Datadog Monitors
        • Statuspage
        • Opsgenie
        • Jira (Cloud/Data Center)
        • FireHydrant
        • Rootly
        • ServiceNow
        • Custom
          • Grafana OnCall
      • CI/CD builds
        • Azure Pipelines
        • Bitbucket Pipelines
        • Buildkite
        • CircleCI
        • GitHub Actions
        • GitLab CI/CD Pipelines
        • Jenkins
    • Sleuth DORA App for Slack
    • Microsoft Teams integration
    • CI/CD integrations
      • Azure Pipelines
      • Bitbucket Pipelines
      • Buildkite
      • CircleCI
      • Github Actions
      • GitLab CI/CD Pipelines
      • Jenkins
    • Issue tracker integrations
      • Jira Cloud
      • Jira Data Center
      • Linear
      • Shortcut
    • Fixing broken integrations
  • Pulse
    • Welcome to Pulse docs
    • Quick Start setup guide
    • Beginner tutorials
      • 1. How to create a Teamspace
      • 2. How to create a Review
      • 3. How to create a Survey
  • Features
    • Reviews
      • Review workflow
      • Review templates
      • Widgets and Sections
        • Widget type
      • Review settings
    • Surveys
      • Survey Workflow
    • Teamspaces
    • Inbox
    • AI assistant
    • General settings
      • Users and Teams
      • Investment mix
  • Settings
    • Organization settings
      • Details
      • Authentication
        • SAML 2.0 Setup
          • Okta Configuration
          • Azure AD Configuration
          • PingIdentity Configuration
      • Access Tokens
      • Members
      • Team Settings
      • Billing
    • Project settings
      • Details
      • Slack settings
      • Environment settings
      • Code deployment settings
      • Feature flag settings
      • Impact settings
    • Account settings
      • Account settings
      • Notifications settings
      • Identities settings
    • Role Based Access Control
  • Resources
    • FAQ
    • Sleuth TV
    • Purchasing
    • About Sleuth...
Powered by GitBook
On this page
  • Steps to follow
  • Create a new Application
  • Set up Single Sign-On
  • Configure Attributes
  • Enter PingIdentity's metadata into Sleuth
  • Assign Groups to the Application

Was this helpful?

  1. Settings
  2. Organization settings
  3. Authentication
  4. SAML 2.0 Setup

PingIdentity Configuration

PreviousAzure AD ConfigurationNextAccess Tokens

Last updated 1 year ago

Was this helpful?

Steps to follow

    • Option 1: Link to metadata file

    • Option 2: Input metadata manually

Create a new Application

Sign in to PingIdentity as an administrator. In the left-hand menu, expand the " Applications" section and click "Applications:

Set up Single Sign-On

You have the choice between Importing Metadata (from a file you downloaded from Sleuth), Importing from URL, or Manually Entering the metadata into PingIdentity.

The "ACS URLs" and "Entity ID" fields will populate automatically. Click "Save".

On the "SAML Configuration" page, select "Import From URL", paste the following URL into the "Import URL" field, and click "Import":

https://app.sleuth.io/saml/metadata/

The "ACS URLs" and "Entity ID" fields will populate automatically. Click "Save".

On the "SAML Configuration" page, select "Manually Enter", and fill in the necessary metadata (found in Sleuth), using the following reference:

PINGIDENTITY
SLEUTH
EXAMPLE

ACS URLs

Assertion Consumer Service

https://app.sleuth.io/complete/saml/

Entity ID

SAML Entity ID

https://app.sleuth.io/saml/metadata/

Click "Save".

On the Application, switch to the "Configuration" tab, and click the pencil icon to enter edit mode:

Fill in any missing metadata (found in Sleuth), using the following reference:

PINGIDENTITY
SLEUTH
EXAMPLE

ACS URLS

Assertion Consumer Service

https://app.sleuth.io/complete/saml/

ENTITY ID

SAML Entity ID

https://app.sleuth.io/saml/metadata/

SLO ENDPOINT

Single Logout Service

https://app.sleuth.io/saml/sls/

SUBJECT NAMEID FORMAT

n/a

urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress

TARGET APPLICATION URL

Default Relay State

(unique to each Sleuth org, usually your orgSlug)

VERIFICATION CERTIFICATE

Sleuth x509 Certificate

if not already filled in, can be found in Sleuth (needs to be saved as a crt file)

Leave other settings as they are and click "Save".

Configure Attributes

Once again on the Application, switch to the "Attribute Mappings" tab, and click the pencil icon to enter edit mode:

Edit the default Attribute saml_subject from User ID to Email Address, click the ... to reveal the contextual menu, and click Update NameFormat:

Select urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified from the list of options and click "Update":

Add the remaining required Attributes using the following reference and click "Save" when done:

Attributes
PingOne Mappings
NameFormat

first_name

Given Name

urn:oasis:names:tc:SAML:2.0:attrname-format:basic

last_name

Family Name

urn:oasis:names:tc:SAML:2.0:attrname-format:basic

email

Email Address

urn:oasis:names:tc:SAML:2.0:attrname-format:basic

Don't forget to enable your Application by flipping the toggle!

Enter PingIdentity's metadata into Sleuth

You can choose between pointing Sleuth to a URL where the IdP's metadata is now available, or entering the metadata into Sleuth manually.

In PingIdentity on the "Configuration" tab on your Application, click the clipboard icon next to the "IDP Metadata URL" to copy the URL:

In Sleuth, click the "point Sleuth to metadata file URL" link to trigger the input modal and paste the copied URL into the field, then click "Save":

The remaining fields in Sleuth will get populated automatically, just click "Test Metadata and Save":

Sleuth defaults all of the Advanced configuration to the most commonly used values, but depending on your IdP configuration you might need to adjust "Advanced settings".

You'll find the data needed for this in PingIdentity on the "Configuration" tab on your Application under "Connection Details":

Fill in the necessary metadata, using the following reference, and click "Test Metadata and Save":

SLEUTH
PINGIDENTITY
EXAMPLE

Entity ID

Issuer ID

https://auth.pingone.eu/<...>

SSO URL

Single Signon Service

https://auth.pingone.eu/<...>/saml20/idp/sso

SLO URL

Single Logout Service

https://auth.pingone.eu/<...>/saml20/idp/slo

Certificate

Download Signing Certificate

-----BEGIN CERTIFICATE----- <...> -----END CERTIFICATE-----

Sleuth defaults all of the Advanced configuration to the most commonly used values, but depending on your IdP configuration you might need to adjust "Advanced settings".

Assign Groups to the Application

On the Application, switch to the "Access" tab, and click the pencil icon to enter edit mode, and select Group which should have access to this Application, and click "Save":

On the "Applications "page click the icon to add a new Application. In the "Add Application" pane provide an "Application Name" (e.g., Sleuth), a "Description" and an "Icon" for the Application, select "SAML Application" as the "Application Type", and click "Configure":

On the "SAML Configuration" page, select "Import Metadata", and click "Select a file" to find and select the metadata file on your computer (click to find out how to download the file):

âž•
here
Create a new Application
Set up Single Sign-On
Configure Attributes
Enter PingIdentity's metadata into Sleuth
Assign Groups to the Application