• 12 Sep 2023
  • 2 Minutes to read
  • Contributors


      Article Summary


      This article offers a detailed guide on configuring PingFederate as a SAML 2.0 identity provider

      By integrating with PingFederate, Perimeter 81 can authenticate users, ensuring a secure and efficient login process.


      1. These are the most important configuration parameters:
      • EntityID: urn:auth0:perimeter81:{{WORKSPACE}}-oc

      • Assertion Consumer Service URL:{{WORKSPACE}}-oc

      • HTTP-Redirect binding for SAML Request

      • HTTP-POST binding for SAML Response

      Perimeter81 Attribute NamePingFederate Attribute Name
      given_nameGiven Name

      Configuring an SP Connection from PingFederate

      1. Sign on to your PingFederated account and select Create New from the SP Connections section.
      2. Configure the SP Connection.
        • Select the Browser SSO Profiles as the Connection Type.
        • Select Browser SSO as the Connection Options.
      3. Configure the connection Parameters (Step 1)

      If you are troubleshooting the connection, you can upload the Metadata for your Perimeter81 connection- instructions available under "troubleshooting" at the bottom section of this guide.
      The Entity ID, Connection Name and the Base URL will be automatically populated based on the information from the metadata file.

      1. Configure Browser SSO.
        • Select SP-Initiated SSO and SP-Initiated SLO in SAML Profiles.
        • Go to the Assertion Creation section and click Configure Assertion.
          Accept all defaults for the next two screens.
      2. Go to the IdP Adapter Mapping section. This is where users will be authenticated. Likely, you already have one configured in your PingFederate installation. Select one, or add a new one. Auth0 only requires the NameIdentifier claim. All other attributes will be passed further to the end application.
      3. Configure Protocol Settings. Values for Protocol Settings are imported from the metadata file. Next, you will see the Assertion Consumer Service URL and the Sign-Out URLs. Click Next to the Allowable SAML Bindings section.
      4. Leave POST and Redirect enabled. Make sure SAML Assertion is always signed.
      5. Configure Credentials. On Digital Signature Settings, select your signing certificate and make sure you check the option to include it in the  element.
      6. Configure the certificate used to sign incoming requests.
      7. Review your settings and set as Active or Inactive.
      8. Click Save at the bottom of the screen. You should see the new SP Connection on the Main screen.

      Configuring the Connection on Perimeter 81

      At this point, you will configure the integration from the Perimeter 81 side.

      1. Log in to your Perimeter 81 Management Platform, and navigate to Settings and then Identity Providers.
      2. Select + Add Provider.
      3. Choose SAML 2.0 Identity Providers.
      4. Sign In URL:
        • https://sso.{{Your PingFederate Domain}}.com/idp/SSO.saml2
      5. Add your organization domain.
      6. Paste the certification from PingFederate.
      7. Select Done.


      • Always replace placeholders like {{WORKSPACE}} and {{Your PingFederate Domain}} with the actual values during the configuration.
      • Ensure that the correct attributes are mapped in PingFederate for accurate user authentication and authorization in Perimeter 81.
      • Periodically review your PingFederate configuration settings to ensure they align with any updates or changes made within the Perimeter 81 platform


      If you encounter issues during or after the setup, try reviewing your settings to ensure everything matches the instructions. In particular, check the IP addresses and other details you entered during setup. If issues persist, please consult our dedicated support.

      Support Contacts

      If you have any difficulties or questions, don't hesitate to contact Perimeter 81's support team. We offer 24/7 chat support on our website at, or you can email us at We're here to assist you and ensure your VPN tunnel setup is a success

      Was this article helpful?

      What's Next