PING
Identity Provider

Ping Identity Integration

Enable your Ping Identity (PingOne or PingFederate) users to sign in to your Shopify store using SAML 2.0 authentication.

15 min setup
SAML 2.0 & OIDC

Prerequisites

  • PingOne or PingFederate admin access
  • SecurePie Professional or Enterprise plan
  • Your SecurePie Organization ID

PingOne Setup Instructions

1

Access PingOne Admin Console

Log in to your PingOne administration console.

  1. 1.Navigate to admin.pingone.com
  2. 2.Sign in with your admin credentials
  3. 3.Select your environment
2

Create Web App Connection

Add a new SAML application for SecurePie.

  1. 1.Go to Connections → Applications
  2. 2.Click the "+" button to add an application
  3. 3.Enter "SecurePie SSO" as the application name
  4. 4.Select "SAML Application" as the application type
  5. 5.Click "Configure"
3

Configure SAML Settings

Enter the SecurePie SAML configuration.

  1. 1.Select "Manually Enter" for configuration method
  2. 2.Enter the ACS URL and Entity ID
Configuration
// PingOne SAML Configuration
{
  "ACS URLs": "https://securepie.com/saml/acs/your-org-id",
  "Entity ID": "https://securepie.com/saml/your-org-id",
  "SLO Endpoint": "https://securepie.com/saml/slo/your-org-id",
  "SLO Response Endpoint": "https://securepie.com/saml/slo/your-org-id",
  "Target Application URL": "https://your-store.myshopify.com",
  "Signing Key": "Default Signing Key",
  "Signing Algorithm": "RSA_SHA256"
}
4

Configure Attribute Mappings

Map PingOne user attributes to SAML assertions.

  1. 1.Go to the "Attribute Mappings" tab
  2. 2.Add the required attribute mappings
Configuration
// Attribute Mappings
PingOne Attribute     →    SAML Assertion Attribute
────────────────────────────────────────────────────
User ID               →    saml_subject (NameID)
Email Address         →    email
Given Name            →    firstName
Family Name           →    lastName
Population            →    group (optional)
5

Download SAML Metadata

Export the IdP metadata for SecurePie configuration.

  1. 1.Go to the "Configuration" tab
  2. 2.Click "Download Metadata"
  3. 3.Save the XML file
  4. 4.Also note the Issuer ID and SSO Endpoint
6

Enable and Assign Users

Enable the application and assign users.

  1. 1.Toggle the application to "Enabled"
  2. 2.Go to the "Access" tab
  3. 3.Add users or groups who should have access
7

Configure SecurePie

Upload the PingOne metadata to SecurePie.

  1. 1.Log in to your SecurePie dashboard
  2. 2.Go to Settings → Identity Providers
  3. 3.Click "Add Provider" → "Ping Identity"
  4. 4.Upload the metadata XML file
  5. 5.Click "Save" and test the connection

PingFederate Configuration

If you're using PingFederate instead of PingOne, the process is similar but with a few differences:

  • Create a new SP Connection in PingFederate admin console
  • Import SecurePie metadata or manually configure the connection
  • Configure attribute contracts for email, firstName, lastName
  • Export the IdP metadata and upload to SecurePie
Need PingFederate help? Contact us

Need Help?

Our team has experience with both PingOne and PingFederate deployments and can assist with complex configurations.

Contact SupportBack to Docs