Skip to main content
This guide details how to configure Ping Identity (PingOne) as your Identity Provider (IdP) to enable Single Sign-On (SSO) for Empuls.

Prerequisites

  • Admin access to your Empuls account.
  • Admin access to your Ping Identity (PingOne) console.

A: Specific Service Provider Details from Empuls

Before configuring Ping Identity, you need to obtain the metadata from Empuls.
  • Login to your Empuls account.
  • Navigate to Reports and Admin > User Authentication.
  • Locate the SAML 2.0 Single Sign On card.
  • You will see your Service Provider (SP) Metadata. Keep this tab open, or:
    • Copy the ACS URL and Entity ID provided on the screen.
  • Download the SP Metadata file (e.g., empuls-sp-metadata.xml) by clicking on “Download SP Metadata”.

B: Configure Ping Identity (PingOne)

  • Log in to your Ping Identity Admin Console.
  • Navigate to Connections > Applications.
  • Click the + (Plus) icon to add a new application.
  • Select Web App and choose SAML as the connection type.
  • Application Details:
    • App Name: Enter Empuls
    • Description: (Optional) Enter Employee Engagement Platform
    • Icon: (Optional) Upload the Empuls logo.
  • Click Next.
  • SAML Configuration:
    • Option A (Recommended): Click Import Metadata > Select a File and upload the empuls-sp-metadata.xml file you downloaded in Step 1.
    • Option B (Manual): If you prefer to enter details manually:
      • ACS URL: Paste the ACS URL copied from Empuls.
      • Entity ID: Paste the Entity ID copied from Empuls.
  • Click Save and Continue.
  • Attribute Mapping:
    • Empuls requires a unique identifier (Email ID or Employee ID) in the NameID field.
    • Set the SAML_SUBJECT attribute to map to Email Address (or the attribute that matches your users’ Empuls login email).
    • Click Save and Close.
  • Enable the App: Toggle the switch next to the Empuls application to ON (Green) to enable user access.

C: Upload Ping Identity Metadata to Empuls

Once the application is created in Ping Identity, you must provide the IdP metadata back to Empuls to complete the trust relationship.
  • In the Ping Identity console, go to the Configuration tab of your new Empuls app.
  • Find the IDP Metadata URL or the Download Metadata button.
  • Download the IdP Metadata XML file to your computer.
  • Return to your Empuls browser tab (User Authentication page).
  • Scroll to the Identity Provider metadata section (Step 3 on the Empuls screen).
  • Upload the Ping Identity XML file you just downloaded.
    • Alternative: If Empuls asks for a URL, paste the Metadata URL from Ping Identity.

D: Test the Connection

  • After uploading the metadata, click Save in Empuls if prompted.
  • Click on the Test Connection button at the bottom of the Empuls User Authentication page.
  • A pop-up window will appear redirecting you to the Ping Identity login page.
    • Note: Ensure your browser pop-up blocker is disabled.
  • Enter your Ping Identity credentials.
  • If successful, you will be redirected back to Empuls with a “Connection Successful” message.

Troubleshooting

  • Pop-up Blocked: If the test window does not open, check your browser address bar for a pop-up blocker notification and allow pop-ups for Empuls.
  • User Not Found: Ensure the email address you are testing with exists in both Ping Identity and Empuls.
  • Invalid SAML Response: Verify that the NameID format in Ping Identity is mapped correctly to the user’s email address.
For feedback or questions please reach out to us at cs@xoxoday.com