ARTIFACTORY: How to Configure Artifactory SAML SSO with PingOne?

Kfir Avraham
2023-01-22 11:11

Follow these steps to configure Artifactory with the external identity provider, PingOne:

On PingOne side

  1. Add a New SAML Application and configure the Application configuration as the below
  2. Choose "I have SAML configuration"
  3. Download theSAML Metadata file
  4. In the field “Assertion Consumer Service (ACS)”, enter: https://< Artifactory-URL > /webapp/saml/loginResponse
  5. In the field “Entity ID”, enter the “entityID” value as in the downloadedSAML Metadata file(from#2)
  6. Choose the “Post” option for “Single Logout Binding Type
  7. Choose “Sign Assertion” for “Signing
  8. Choose “RSA_SHA256” for “Signing Algorithm
  9. Finish the configuration process

On Artifactory side

  1. Navigate in Artifactory UI to theAdministration Tab → Security | SAML SSO
  2. In the “SAML Login URL”, enter the value of “SingleSignOnService Location” (from the downloaded SAML Metadata file) for example:
    https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=
  3. In the “SAML Logout URL”, enter the value of “SingleLogoutService” (from the downloaded SAML Metadata file) for example:
    https://sso.connect.pingidentity.com/sso/SLO.saml2
  4. In the “SAML Service Provider Name”, enter the same “Entity ID” as mentioned above (from the PingOne configuration)
  5. For the “SAML Certificate”, download the “Signing Certificate” from the "application setup" from PingOne and copy it to this field.