How to Connect a SAML App in PingFederate & View Assertion Details in the SAML Response

No matter if you’re currently working in IAM, or considering it, one of the things you may find yourself doing often is setting up new SAML connections within your IdP (identity provider) to allow users to SSO into various applications.

SAML (Security Assertion Markup Language) allows your IdP to communicate with the SP (service provider) in order to exchange authentication information about the user, as well as send various attributes within the contract based on the requirements of the application.

SAML can be used to send basic information such as name and email address, as well as other attributes like group membership, department, and pretty much anything else you desire. These attributes can then be used to identify the user within an application, provision accounts, assign the user to specific roles & functions, or even limit access based on certain attributes.

This video goes through the process of setting up a new SAML connection within PingFederate, as well as exploring tools that make it easier to inspect and troubleshoot SAML connections by digging into the information provided within the SAML response, including the attributes being sent in the assertion.

If you’re new to this process, don’t worry if it seems foreign to you now. Like anything else, the more you use and interact with these tools and information, the more familiar it will become. The good news is SAML is a standard protocol. So once you learn it, it becomes easier to work with and customize it within the context of other tools you may come across.