MicroStrategy ONE

Configure MicroStrategy Identity as an Identity Provider in PingFederate

  1. In a web browser, log in to your PingFederate administrative console.
  2. Under SP Configuration, under IdP Connections, click Create New
  3. On the Connection Type page, select Browser SSO Profiles, then select SAML 2.0 from the Protocol drop-down list.
  4. On the Connection Options page, select Browser SSO.
  5. On the Import Metadata page, upload the Identity metadata that you downloaded from MicroStrategy Identity Manager.
  6. Click Next until you reach the Browser SSO page.

Configure Browser SSO

  1. On the SAML Profiles page, select SP-Initiated SSO.
  2. On the User-Session Creation page, click Configure User-Session Creation.
  3. Click Next until you reach the Adapter Mapping and User Lookup page.
  4. On the Adapter Mapping and User Lookup page, select Map New Adapter Instance.
  5. On the Adapter Instance page, select the adapter instance you want to use.
  6. On the Adapter Data Store page, select Use only the attributes available in the SSO Assertion.
  7. On the Adapter Contract Fulfillment page, for the subject Adapter Contract, select Assertion from the Source drop-down list and select SAML_SUBJECT from the Value drop-down list.
  8. Click Next.
  9. Click Done once you reach the Summary page.
  10. On the Browser SSO page, click Protocol Settings, then click Configure Protocol Settings.
  11. On the SSO Service URLs page, confirm that an Endpoint URL is defined. This value was provided when you uploaded the Identity metadata.
  12. On the SLO Service URLs page, confirm that an Endpoint URL is defined. This value was provided when you uploaded the Identity metadata.
  13. On the Allowable SAML Bindings page, select POST.
  14. On the Default Target URL page, leave the field blank.
  15. On the Signature Policy page, select Use SAML-standard signature requirements.
  16. On the Encryption Policy page, select None.
  17. Click Next.
  18. Click Done once you reach the Summary page.

IdP Connection Page

  1. On the IdP Connection page, click Credentials, then click Configure Credentials.
  2. On the Digital Signature Settings page, from the Signing Certificate drop-down list, select the certificate to use.
  3. Click Done.
  4. On the Activation and Summary page, select a Connection Status of Active.
  5. From the main PingFederate administrative console, under SP Configuration, under Application Integration Settings, click Default URLs.
  6. Specify the URL to redirect users to after signing in with MicroStrategy Identity, then save your changes.

Next, add users from your web application into MicroStrategy Identity.