If you have PingFederate as your IdP and are trying to integrate the SAML-based IdP using the metadata supplied from the page, you can use the following SAML assertion URL:
- For identity provider initiated (IdP-initiated) SSO:
https://{{instance}}/auth/realms/default/broker/{{alias}}/endpoint/clients/atlan-saml
- For service provider initiated (SP-initiated) SSO:
https://{{instance}}/auth/realms/default/broker/{{alias}}/endpoint
To use both IdP- and SP-initiated SSO, add both the URLs mentioned above.
If you encounter an Invalid signature
error, you must ensure that the certificate in the XML metadata file is of the SHA-256 or SHA-512 type.