Configuring a Ping Identity SAML v2.0 identity provider on Keycloak

Last Updated : Jun 10, 2026 |

About this task

To use Ping Identity SSO capabilities and authenticate users, you must configure a SAML v2.0 identity provider on Keycloak.

Configure a SAML application on Ping Identity.
Obtain a configuration file in XML format. For more information, see Obtaining the XML configuration file.

Log in to the Keycloak web administration interface.
Navigate to Solution Realm > Identity Providers.
Click Add provider and then select SAML v2.0.
In Alias, type the name that you used when configuring a SAML application on Ping Identity.

For example, PingIdentitySAML. For more information, see step 7.
Navigate to the Import External IDP Config section.
Click Select file, navigate to the Ping Identity configuration XML file that is stored on your computer, and then click Import.

Keycloak imports the configuration data and populates the Single Sign-On Service URL field.
From NameID Policy Format, select Email.
Click Save.

Send Feedback