Skip to main content

Setup SSO with Ping Identity using SAML in OneID

Zuora

Setup SSO with Ping Identity using SAML in OneID

This article explains how to set up Single Sign-On (SSO) with Ping Identity using SAML in Zuora OneID. For more information on configuring SSO for OneID, see Configure SSO for OneID.

Step 1: Create a Zuora OneID application in Ping Identity

To create a Zuora OneID application in Ping Identity, follow these steps:

  1. Configure the service provider details as mentioned below:
  2. Log in to the PingOne admin console as an administrator.
  3. From the main dashboard, click Applications and select Add Application.
  4. Name the application Zuora OneID and set the Application Type to SAML Application.
  5. Click Configure to proceed with the SAML configuration.
  6. In the SAML Configuration section, select Import from URL.
  7. Enter the Import URL as https://one.zuora.com/saml/metadata, then click Import and save the settings.
  8. Navigate to the Attributes section, and change the NameID format to Email Address.
  9. Save the changes, then copy the IDP Metadata URL from the configuration page for later use.

Step 2: Configure Ping Identity metadata in Zuora OneID

Once the application is created in Ping Identity, configure the metadata in Zuora OneID by following these steps:

  1. Log in to one.zuora.com as an administrator.
  2. Go to Settings and click Manage SSO Settings.
  3. Choose Metadata Type as URL.
  4. Paste the IDP Metadata URL you copied in Step 1 and click Save.

Step 3: Enable SSO for users in Zuora OneID

To enable SSO for your users in Zuora OneID, perform the following steps:

  1. Navigate to the Users section in the Zuora OneID admin panel.
  2. Select a test user and open the profile in edit mode.
  3. Toggle Single Sign-On Enabled to On.
  4. Enter the user's Federated ID (matching the user's email in Ping Identity) and save the changes.

Step 4: Test the SSO configuration

After configuring SSO for users, test the setup by following these steps:

  1. In the PingOne admin console, initiate a test SSO login.
  2. Ensure Zuora OneID opens in a new tab, logging in the user via SSO.
  3. If the login fails, review any error messages and adjust the Identity Provider (IdP) or Service Provider (SP) settings as needed.
  4. Retest the SSO login until the setup works correctly.