Pivotal Web Services End of Availability Announced
For more information, see Frequently Asked Questions.

This topic describes how an administrator can test the connection between SSO and PingFederate. An administrator can test both service provider and identity provider connections.

You can test your identity provider integration by deploying the Single Sign-On Service Sample Applications.

Test Your Service Provider Connection

  1. Log in to Apps Manager at https://console.run.pivotal.io and navigate to the organization and space where your application is located.

  2. Under Services, locate the service instance of the Single Sign-On (SSO) plan bound to your application. Click the service instance and then click Manage.

    Click service

    Pingfederate click manage

  3. Under the Apps tab, click your application.

    Pingfederate select authcode app tile

  4. Under Identity Providers, select the PingFederate identity provider. a Click pingfederate pcf

  5. Return to Apps Manager and click the URL below your application to authenticate with the identity provider.

    Authcode sample address

  6. Click the link to Log in via Auth Code Grant Type.

    Authcode sample

  7. On the identity provider sign-in page, enter your credentials and click Sign On.

    Pingfederate sign in

  8. The application asks for authorization to the necessary scopes. Click Authorize.

    Popup authcode

  9. View the access token and ID token.

    Pingfederate authcode sample code

Test Your Identity Provider Connection

Note: SSO does not support identity provider-initiated flow into applications, but it does redirect the user to the User Account and Authentication (UAA) page to select applications assigned to the user.

  1. Sign in to PingFederate.

    Pingfederate sign in

  2. Navigate to your application and click it.

  3. View the list of applications you have access to.

    App list

Test Your Single Sign-Off

Test single sign-off to ensure that when users log out of the application, they are logged out of PingFederate as well.

  1. Sign into the sample application. Information about the access and ID token displays, as well as the “What do you want to do?” section.
  2. Under What do you want to do?, click Log out.

    What do you want

  3. Ensure that you are logged out and redirected to the PingFederate login page.

    Pingfederate sign in