Ping Identity

Set up SAML SSO with Ping Identity (PingOne). See the common values shared across all providers.

Username attribute must be email

Always set the username attribute as EMAIL. This is important — Sundial matches users by email.

Steps

1. Log in to your Ping Identity account.

2. Go to Applications → Applications.

3. Create a new application by clicking the + icon.

   

4. Name the app Sundial.

5. Choose Application Type as SAML Application and save.

   

6. Under SAML Configuration, choose Manually Enter and fill:

   • ACS URLs: https://sundial-fe060.firebaseapp.com/__/auth/handler
   • Entity ID: Sundial
   • (Optional) Application Base URL: https://app.sundial.so/

   

7. After saving the application, go to the Overview tab and provide Sundial with the Initiate Single Sign-On URL.

   

8. Under the Configuration tab, Download Metadata and Download Signing Certificate, and provide these to Sundial.

9. On the Attribute Mapping tab, set the attributes as shown below:

   Sundial	PingOne	Required
   saml_subject	Email Address	Yes
   displayName	Expression: ${user.name.given + ' ' + user.name.family}	Yes
   email	Email Address	Yes
   firstName	Given Name	Yes
   identityProvider	Identity Provider ID	—
   lastName	Family Name	Yes

   

   displayName is configured as a PingOne expression that concatenates the user's given and family names:

   

10. Once everything is done, turn on the Sundial application and you are good to go.