Configure PingIdentity as a SAML-based Single Sign-On (SSO) provider for net2phone Sync to enable secure, centralized user authentication. Once complete, users can log in using their PingID credentials.

Step 1: Sign in to PingIdentity

Follow the steps below to configure net2phone Sync with PingID's SAML authentication service:

1. Start by signing in to PingIdentity as an admin user.
2. Create or select your PingOne for the Enterprise environment.
   Note: In this example, PingIdentity uses the environment name n2p-saml.
3. From PingID's left navigation menu, select Connections.

Step 2: Add a new application

Create a new application in PingIdentity and choose the SAML app type that matches the net2phone Sync configuration.

1. Select Add Application.
2. Select WEB APP.
3. Select Configure for the SAML connection type.

Step 3: Create the app profile

Next, create the net2phone app profile.

1. Enter net2phone as the Application Name.
2. (Optional) Enter a description.
3. Click Next.

Step 4: Configure SAML in PingIdentity

Configure the SAML connection details using the values required by net2phone Sync.

1. Enter the required SAML values.
2. Confirm that the ACS URL and Entity ID match the net2phone configuration exactly.
3. Save your changes and continue.
   1. ACS URL: Enter both net2phone ACS URLs.
      • https://auth.net2phone.com/saml/login/callback
      • https://auth.net2phone.com/saml/callback
   2. Entity ID: Enter N2P.
   3. Assertion Validity Duration (in seconds): Enter 60.
4. Click Download Signing Certificate.
5. Select the X509 PEM (.crt) option. You will use this file later in the setup.

Step 5: Configure attribute mapping

Map the required user attributes so net2phone Sync can correctly identify and authenticate each Team Member.

In this step, you will map the user's email address from PingIdentity to the username field used by net2phone.

1. For PingOne User Attribute, select Email Address.
2. For Application Attribute, enter user.username.
3. Select the Required checkbox.
4. Click Save and Close.

The mapping should match the following:

Email Address → user.username

Step 6: Enable the new app

Enable the new net2phone app in PingIdentity.

1. In the Applications section of your PingID account, enable the net2phone app by switching the toggle to On.
2. Click the Configuration tab within the new net2phone application.
3. Highlight and copy the Single SignOn Service value shown.

Step 7: Configure SSO in net2phone

Now that you have configured PingIdentity, you can configure SSO in the Sync Settings portal.

1. Open app.net2phone.com and sign in with Admin credentials.
2. Click your profile icon in the top right corner.
3. Select Admin Settings.
4. Select Single Sign On from the right navigation menu.
5. Enable the Single Sign-On toggle.
6. Enter the Single SignOn Service value copied in Step 6 into the Login URL field.
7. Enter N2P for the Entity ID field.
8. Click Upload Certificate and select the file you downloaded in Step 4. The contents of the file should appear in the Public Certificate field.
9. Click Test Configuration.
   Note: If everything is set up properly, you should see a green confirmation message near the bottom of the screen indicating that the test was successful. The Submit button will then become active.
10. Click Submit.

Step 8: Test the connection

Validate the connection before enabling SSO for your organization.

1. Assign the application to a test user in PingIdentity.
2. Attempt to log in to net2phone Sync using SSO.
3. Confirm successful authentication.

After you save the configuration, use a test account to confirm the PingIdentity sign-in flow works as expected.