Views:
  1. Go to Administration > Single Sign-on, then click Download to obtain the metadata XML File.

    Download Metadata

    Click the image to enlarge.

  2. Go back to the User Accounts page, then add a new SAML account to federation Login with PingOne Account.

    Add SAML Account

    Click the image to enlarge.

  1. Log in to PingOne Application Admin Portal.
  2. Go to SETUP Tab and initialize Identity Repository.

    Identity Repository

    Click the image to enlarge.

  3. Go to Applications, click the Add Application button under the SAML tab, and then select New SAML Application.

    New SAML Application

    Click the image to enlarge.

  4. Fill in basic information on the New Application Setup page.

    Application Setup

    Click the image to enlarge.

  5. Upload XDR-SP Metadata XML to Application, and set the following field values:
    • Protocol Version: SAML v 2.0
    • Single logout Binding Type: Post

    Upload Metadata

    Click the image to enlarge.

  6. Click Next, and then ignore the SSO Attribute Mapping Setup.
  7. Assign User Group to the Application.

    Group Access

    Click the image to enlarge.

     

    The Trend Micro Vision One SAML Account created earlier should be included as one user of the group.

    Sample Group: Trend-XDR@directory (Contains username and domain of SAML Account)

     
  8. Download PingOne-IDP Metadata XML.
    1. Click Download from SAML Metadata.
      Sample File Name: saml2-metadata-p1idp.xml
    2. Click Finish.

    Download SAML Metadata

    Click the image to enlarge.

  1. Login to Trend Micro Vision One Console using the Master Administrator Account. Go to Single Sign-On Page > Upload PingOne-IDP Metadata XML to Vision One Console.

    Upload Metadata

    Click the image to enlarge.

  2. Test Federation from Trend Micro Vision One Console.
    1. Log out from Trend Micro Vision One Console.
    2. Enter the SAML Account on Trend Micro Vision One Login Page, and click Continue.

      Vision One Login

      Click the image to enlarge.

      This will redirect you to the Ping Identity Sign On page.

    3. Provide the Ping Identity Account and password of the SAML Account.

      Pind Identity Login Page

      Click the image to enlarge.

      The SAML account should now be able to access the Trend Micro Vision One Console.