Overview
Developers may encounter issues when configuring a PingFederate connection in Auth0, such as the connection not working as expected. However, enabling the Identity Provider (IdP)-initiated setting resolves the problem. This article aims to explain the root cause of this issue and provide a solution for developers using Auth0 with PingFederate.
Applies To
- PingFederate
Solution
The issue arises from the different paths required for Service Provider (SP)-initiated and IdP-initiated flows in PingFederate.
- For SP-initiated flows, the expected value usually contains
/idp/SSO.saml2
as the path. - For IdP-initiated SSO, the path is
/idp/startSSO.ping
. - If developers are using the IdP-initiated path (
/idp/startSSO.ping
) when attempting an SP-initiated flow, the connection will not work. To resolve this, ensure that the correct path is used for the intended flow:- SP-Initiated Flow: Use
/idp/SSO.saml2
as the path. - IdP-Initiated Flow: Use
/idp/startSSO.ping
as the path.
- SP-Initiated Flow: Use
By configuring the correct path based on the flow type, developers can ensure that the PingFederate connection works seamlessly in Auth0.