Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

PingOne Settings

For this process, you will first need to download the SPMetadata.xml file from ResourceXpress.
This can be found in System Settings under the SSO Setting tab

Open the PingOne admin portal https://admin.pingone.com/web-portal/login and login with the admin user account:

From the admin console Dashboard, click the Applications menu to display the My Applications tab:

Click Add Application and select New SAML Application to display this form:

Complete the Application Details with the Application Name, Application Description and select a Category.

Click Continue to Next Step to display the Application Configuration form:

Complete the Application Configuration form:

SAML Metadata. Click Download to download the metadata XML (will be uploaded to RX SaaS application).
Protocol Version. Select SAML v2.0.
Upload Metadata.
Click Select File to upload the SPMetadata.xml file
Assertion Consumer Service (ACS) and Entity ID are auto-populated from the SPMetadata.xml.

Click Continue to Next Step to display the SSO Attribute Mapping form:

Complete the SSO Attribute Mapping form:

Application Attribute. Enter 'email'.
Identity Bridge Attribute or Literal Value. Select 'Email'.
Click Save & Publish.

Configuring SAML App in ResourceXpress

The final step is to upload the XML file we downloaded earlier to ResourceXpress.

You will need an existing Server/Super Admin account in ResourceXpress.
The email address for this account will need to match an allowed user in Azure AD.

Upload

Navigate to the SSO Settings tab, this can be found on the System Settings page, under the Administration Settings menu.

Click Choose file alongside IDP Metadata, find the saml2-metadata-idp.xml file that was downloaded previously.
Then click Upload.

You will see the correct details be auto-populated into the URL and Authenticating Authority fields.

Auto-create Users

When using SSO, by default all users will be granted the role User.
This will allow them to view the Booking Manager page only, to allow users access to more features in ResourceXpress they will need to exist as a user in the ResourceXpress local database.

Ticking the option Auto create user records from SSO will automatically add new users into the ResourceXpress user database when they sign-in for the first time, this will then allow these users to be granted more access to the system, as well as assigning them RFID and Access code values.

When a user's account is auto-created in ResourceXpress, an email confirming this will be sent to them. Included in this email will be a randomly generated password that can be used for the upcoming mobile app.

Sync user details

This option has been added in v1.5.1

This option allows for user details such as Access Code and RFID to be synchronized with ResourceXpress’s user's database, this will keep these details up-to-date each time a user signs in.

Disabling this option will allow for Admin users to modify these details manually in ResourceXpress.

Enabling SSO

Once all the above steps have been completed, click the Save button.

  • No labels