Checklist for configuring Ping Identity integration using SAML v2.0

Last Updated : Jun 10, 2026 |

The following checklist lists the configuration tasks that you perform on the Ping Identity and Keycloak web administration portals to set up integration with Ping Identity using SAML v2.0.

No.

Task

Notes

1

Ensure that you gather all required information for configuring the integration.

See Prerequisites for SSO configuration.

2

Create and configure an application for SSO using the PingOne console.

See Creating a new SAML v2.0 application on Ping Identity.

3

Obtain the Ping Identity configuration file.

See Obtaining the XML configuration file.

4

Configure Keycloak settings using the Avaya Aura® Device Services configuration utility.

See Configuring Keycloak settings.

5

Configure a Ping Identity identity provider on Keycloak.

See Configuring a Ping Identity SAML v2.0 identity provider on Keycloak.

6

Configure user and administrator Population groups on Ping Identity.

See Configuring user and administrator Population groups.

7

Configure attribute mapping on Ping Identity.

See Configuring attribute mapping on Ping Identity.

8

Configure attribute mapping between the Ping Identity SAML v2.0 identity provider and Keycloak.

See Modifying the attribute mapping between the third-party identity provider and Keycloak.

For information about mappers that you must configure on Keycloak, see Attribute mapping parameters for Ping Identity SAML v2.0 identity provider.

9

Obtain the client secret.

See Obtaining the client secret.

The client secret is required to enable communication between Avaya Aura® Device Services and Keycloak.

10

Create a client mapping.

See Creating client mapping.

If you need to regenerate the client secret, see Regenerating the Keycloak client secret.

11

Configure the LDAP UID mapping.

See Configuring the LDAP UID mapping.

12

Select the identity provider to use for authorization.

See Selecting the default identity provider.

Do not perform this task if you want to allow the simultaneous use of multiple identity providers to your enterprise users.

13

Create users on Ping Identity.

See Creating users on Ping Identity.

14

Test the integration with Ping Identity.

See Testing the integration with the identity provider from the web administration portal.

15

Configure expiry time for access and refresh tokens.

See Configuring access and refresh token expiry times.