Create a Workforce environment
- Click the Ping Identity logo in the top-left corner to go to the Environments page.
- Click + Create Environment.
- Select Workforce as the solution type.
- Choose an environment type. Select Sandbox for testing, or Production for your live environment.
- Name your environment, select your region and click Next to create it.
- Open the new environment. In the left sidebar, confirm Applications and Integrations > Provisioning appear in the sidebar.
Create a SAML application in PingOne
- Make sure you’re in your Workforce environment — check the breadcrumb at the top of the page.
- Go to Applications > Applications in the left sidebar.
- Click the + button to add a new application.
- Enter an Application Name — for example,
Sketch Enterprise— and an optional description. - Select SAML Application as the application type.
- Click Configure.
Configure SAML settings
- Select the Manually enter option.
- Paste the values you copied when setting up SAML SSO in your Workspace:
- ACS URLs: your ACS URL from Sketch
- Entity ID: your Entity ID from Sketch
- Click Save.
- Scroll down and click Download Metadata to save the XML file. You’ll need this to complete setup in Sketch.
Configure attribute mappings
- In the Applications list, click your Sketch application to open it.
- Go to the Attribute Mappings tab.
- Add the following mappings, then click Save:
| Attribute | PingOne mapping |
|---|---|
email |
Email Address |
first_name |
Given Name |
surname |
Family Name |
Set NameID format
- Go to the Configuration tab.
- Set NameID Format to
Email Addressand click Save.
Enable the application
- At the top of the application panel, toggle the application on. Enable it before users can sign in.
Now head to How to finish setting up SAML SSO in your Workspace and upload the PingOne metadata XML file you downloaded earlier.
If you want to automate user provisioning, follow the Ping Identity SCIM setup guide once SSO is working.
