Custom SSO - PingIdentity & PingFederate SSO

As an add-on to the GL Strings Enterprise tier you have the option to connect with custom SSO (Single Sign On) provider. Please get in touch for pricing details.

The following is an example if you want to use Ping Identity SSO.

GL Strings PingIdentity & PingFederate SSO Integration

1. In your Ping admin console choose Connections, then Applications.

2. On the Applications page, click on the add Application button (+ icon).

3. Select WEB APP then afterwards click Configure in the OIDC option. Fill out the APPLICATION NAME, DESCRIPTION and ICONS as needed and click Next.

4. Paste https://dashboard.applanga.com/auth/ping-identity/callback and https://dashboard.globallinkstrings.com/auth/ping-identity/callback in REDIRECT URLS then click Save and Continue

5. Drag and drop or simply use the add button(+ icon) to add the email and profile scopes to SCOPE GRANTS then click Save and Continue

6. No further configuration is required at the Attribute Mapping step. Simply click Save and Close for this step.

7. By now you should see your GL Strings SSO application listed under Applications. Select the application if its not already pre-selected. You should see a top right toggle which is used to enable or disable user access to the application. Make sure this is toggled on.

8. Go to the Configuration tab then click the edit button in the top right.

9. Under General:
   • select Code for RESPONSE TYPE
   • select Authorization Code
   • check Client Credentials under GRANT TYPE
   • choose Client Secret Post under TOKEN ENDPOINT AUTHENTICATION METHOD Remember to copy the CLIENT ID and CLIENT SECRET from here, then click Save.

10. Please submit your SSO configuration details via this form

    • The form contains fields for your Client ID, Client Secret, Application environment ID, PingIdentity Domain, a list of domains that should be enabled for your Ping configuration and optionally a Session timeout which if specified will determine how long a login session remains open before users are required to login again. Alternatively and additionally you can provide a list of mail addresses if you want additional accounts to be added that do not belong to the specified domain.
    • Optionally, you can also provide list of teams and user roles. Every SSO user newly signing up for GL Strings will be automatically added to these teams with the preselected role. The user role and team assignment can be later modified if needed.
    • The GL Strings team requires time to test and deploy your configuration which may take up to 2 weeks. The GL Strings team will confirm once SSO is available. If the change is urgent please let us know so we can expedite your request.
    • All signups completed prior to the SSO configuration deployment will be automatically converted upon their next login.

11. To login with Ping Identity or Ping Federate on the GL Strings Dashboard click on the SSO Login link on the bottom of the login page. You will be redirected to the SSO login page. There, enter your domain or email address. This will redirect to the PingIdentity login page. If you are already logged in with your PingIdentiy account, you will be redirected back to the GL Strings dashboard.

If you encounter any issues please email support@applanga.com.