What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

SSO with Ping ID

Votes:

4

User story

As a PRTG Admin, I want ability to authenticate to PRTG via PingFederate solution from Ping Identity SSO provider.

Details of user story

Currently PRTG only supports single SSO provider – MS Azure AD. This feature request is to enable PRTG authentication via PingFederate or PingAccess from Ping Identity provider.

PingFederate supports the following standard protocols which are the same for MS Azure AD:

  • SAML 2.0/ WS-Fed
  • OAuth/ OpenID

Ideally the solution would be built so that it works with any SSO provider compatible with the above standard protocols.

Typical configuration options needed by these protocols are:

SAML 2.0/ WS-Fed

Application Name

A plain-language identifier for the connection; for example, a company or department name. This name is displayed on the log in page and will served as the connection name on the Ping Federate administrative console.

Entity ID

Unique identifier of the application/Application URL. This ID defines your organization as the entity operating the server for SAML 2.0 transactions. Based on previous observations on apps integrated, this is a value that can be derived from the Admin configurations that can be checked from application side.

Endpoint URL

The link where the attributes will be accepted by your application. A web service endpoint is a web address (URL) at which clients of a specific service can gain access to it. By referencing that URL, clients can get to operations provided by that service.

Attributes

A specification that is aligned to organization’s directory (LDAP/AD..), such as email, first and last name, user id.

Logout URL

The URL where the user redirects after they logout.

OAuth/OpenID

Application Name

A plain-language identifier for the connection; for example, a company or department name. This name is displayed on the log in page and will served as the connection name on the Ping Federate administrative console.

Client ID

Public identifier of application, a simple string which needs to be identical on both ends – Ping and application OAuth configuration. The Client ID is defined as the value used by the client to identify itself to the authorization server. It must be unique across all clients that the authorization server handles. Many implementations use something like a 32-character hex string. Normally, this is encoded for OAuth connections that have been previously handled. It can be viewed by the administrators of the application. Ideally, Client ID should be generated on the application side and not from Ping.

Redirect URL

The link where the attributes will be accepted by your application. A web service endpoint is a web address (URL) at which clients of a specific service can gain access to it. By referencing that URL, clients can get to operations provided by that service.

Attributes

A specification that is aligned to organization’s directory (LDAP/AD..), such as email, first and last name, short name, T-Number.

Logout URL

The URL where the user redirects after they logout.


For more technical information please check For PingID: https://docs.pingidentity.com/ or https://www.pingidentity.com/developer/en/index.html

https://www.pingidentity.com/en/platform/single-sign-on/software-sso.html

For MS Azure AD: OAuth2 OpenID Saml


Acceptance criteria

Ability to configure PingID to authenticate to PRTG.

Status

Open

add-feature pindid ping-identity-login prtg-kbtracker single-sign-on sso

Created on Aug 11, 2021 1:30:39 PM

Last change on Oct 21, 2021 1:27:07 PM by  Jörg Hollerith [Paessler Support]



Replies

Nobody has replied yet


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.