Configure PingOne for Working With QAComplete

To start using single sign-on with your QAComplete application, you need to set up the identity management service first.

1. Log in to your PingOne administrator account or create a new one.

2. On your user profile home page, switch to the Applications tab.

   

   Click the image to enlarge it.

3. Click Add Application and select the New SAML Application option in the drop-down list.

4. In the Application Details form, specify the following settings:

   • Application Name – The name registered for your application inside PingOne.

   • Application Description – A short snippet of arbitrary information about the application.

   • In the Category drop-down list, select the category for your application in accordance with its purpose and functions.

   • Optionally, upload the application logo in Graphics.

   

   Click the image to enlarge it.

5. Click Continue to Next Step to proceed.

6. On the next page, click I have the SAML configuration. Then, you need to configure SAML as follows:

   Option	Software as Service	On-Premises
   Signing Certificate	PingOne Account Origination Certificate
   Protocol Version	SAML v 2.0
   Assertion Consumer Service	https://<your SaaS domain>*.qacomplete.smartbear.com/sso/callback	http://https://[your server name]//sso/callback
   Entity ID	https://qacomplete.smartbear.com	https://[your server name]/
   Application URL	https://<your SaaS domain>*.qacomplete.smartbear.com/common/Logon.asp?app=agSP	https://[your server name]//common/Logon.asp?app=agSPEnt
   Single Logout Binding Type	Redirect
   Signing Algorithm	RSA_SHA256

   *: Use the value of the Domain name field. You can find it in  > Setup > Security > Single Sign-On Administration in QAComplete.

   

   Click the image to enlarge it.

7. Click Continue to Next Step to proceed.

8. On the next page, click Add new attribute to map the necessary application attributes to identity attributes.

   Attribute Statements
   Application Attribute	Identity Bridge Attribute or Literal Value	Required
   firstName	First Name	Yes
   lastName	Last Name	Yes

   

   Click the image to enlarge it.

   Define custom usernames

   Define custom usernamesDefine custom usernames

   If you do not want to use emails to log users in to QAComplete with PingOne, you need to map the SAML_SUBJECT attribute to the Email identity bridge attribute during this step:

   

   Click the image to enlarge it.

   After that, you can define usernames on the Users page in PingOne.

   To learn more about adding users to the PingOne application, see the Add directory users article in the PingOne documentation.

9. Click Save & Publish to proceed.

10. On the Review Setup page, get the necessary data for setting up QAComplete:

    • entityId (Identity Provider Issuer)
    • Identity provider Single Sign-On URL
    • X.509 Certificate
    

    Click the image to enlarge it.

    To get the identity provider Single Sign-On URL and X.509 certificate, download the SAML Metadata file. Open it and copy the following information:

    

    Click the image to enlarge it.

    • Identity provider Single Sign-On URL: The value of the Location attribute of the <md:SingleSignOnService> tag.

    • X.509 certificate: The text between the <ds:X509Certificate> tags.

    Save these values somewhere else to use them during the QAComplete configuration.

See Also

Assign QAComplete to PingOne Users