SSO integration configuration is done with both PingOne and OpsRamp. The configuration sets up redirects to the custom branded URL.


  • Partners must register with OpsRamp to get OpsRamp login credentials.
  • Provide your custom branding URL (such as <yourwebsitename>

Step 1: Create a certificate

  1. From the PingOne console, select the SETUP tab and click Certificates.
  2. Click +Certificate to create a new certificate.
  3. From the Create New Certificate screen, enter the required details and click Save.

Step 2: Create an application

  1. From the PingOne console, select the Applications tab and click My applications.

  2. Click the SAML tab.

  3. From the Add Application drop-down options, select New SAML application.

  4. Enter the application information and click Continue to Next Step.

  5. From the Application Configuration screen, enter the information and click Continue to Next Step:

    • Assertion Consumer Service (ACS):
    • Entity ID:
    • Application URL:
  6. Enter information for SSO attribute mapping and click Continue to Next Step.

  7. Enter Group Access and click Continue to Next Step.

  8. Do the following from the Review SetUp screen:

    • Click Download on Signing Certificate and from the .cer file, save the certificate.
    • Click Download on SAML Metadata and copy the entityID URL. For example: If the entityID URL is <md:EntityDescriptor entityID=""ID="g7r1YVie-iqysV037OuX9rIpUDO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">, the issuer URL is
    • Copy Initiate Single Sign-On (SSO) URL.
  9. Click Finish to save the configuration.

    Setup SSO Summary

Step 3: OpsRamp configuration

  1. From All Clients, select a client.

  2. Go to Setup > Integrations > Integrations.

  3. From Available Integrations, select SSO > PingIdentity and click Install.

  4. Enter:

    • Issuer URL: Identity provider Issuer URL
    • Redirection URL: SAML EndPoints for HTTP
    • Logout URL: URL for logging out
    • Certificate: x.509 Certificate
  5. Click Install.