Ping Identity Integration
TigerTrust integrates with Ping Identity for enterprise identity federation and access management.
PingFederate Configuration
Add TigerTrust as a Service Provider:
<SPConnection> <EntityId>https://tigertrust.io/saml/metadata</EntityId> <BaseURL>https://api.tigertrust.io</BaseURL> <AssertionConsumerService> <Binding>POST</Binding> <Location>/auth/saml/callback</Location> </AssertionConsumerService> </SPConnection>
PingOne Integration
Configure PingOne cloud identity:
pingone: environment_id: your-environment-id client_id: your-client-id client_secret: $PINGONE_SECRET population: TigerTrust Users attribute_mapping: email: email name: name.formatted groups: memberOf
Attribute Contract
Define attribute mappings:
| Source Attribute | TigerTrust Claim | |-----------------|------------------| | subject | userId | | mail | email | | givenName | firstName | | sn | lastName | | memberOf | groups |
Access Policies
Configure access control policies:
Policy: Certificate Management Access
---
Authentication:
- Method: MFA
- Factors: Any 2 of [Password, SMS, Authenticator]
Authorization:
- Groups: Certificate-Admins, Security-Team
- Attributes: department = "IT"
API Security
Secure API access with PingAccess:
api_security: authentication: OAuth 2.0 token_endpoint: https://auth.pingone.com/token scopes: - certificates:read - certificates:write - policies:manage rate_limiting: requests_per_minute: 100
Directory Federation
Federate identities across directories:
- Active Directory
- LDAP
- Cloud directories
- Partner organizations
Enable enterprise identity federation with Ping Identity and TigerTrust.