Azure AD as Service Provider via SAML and PingOne as IDP

I am trying to configurate EntraID as service provider via SAML 2.0. I am following this KB but the version is different.
Can you help me?

Hello, Rcardia2023, thank you for reaching out to the ForgeRock community.
To reach the community members who can best assist, we suggest posting your question in the PingOne for Enterprise community. You can do this by clicking on the following link:

This will ensure that your question is answered by the community members who are best equipped to help.

Thank you and warm regards,


Hi Salberteli01 thank you the answer. So,I dont have access to enterprise. How can I get the answer easier? Thank you

Hi Rcardia2023,

Thank you for clarifying. Based on the documentation you referred to at We’re here to help, I provided the link to the Enterprise forum.

However, if you’re not using Enterprise, you can instead post your question on the Ping One forum.

It’s essential to confirm if the version of MS 365 or EntraID is in question in the instructions. If yes, then although the documentation you referred to focuses on MS 365 and doesn’t mention EntraID, It is our understanding that the steps remain consistent, even though the name has changed.

Additionally, it’s worth noting that there are two versions of the documentation that you can refer to:

If you’re performing federation, it’s recommended that you refer to “Configuring SAML SSO with Microsoft 365 and PingFederate.”

I hope this information helps. Please let me know if further clarification or assistance is needed.

Thank you,


We need to use the second one (PingOne for Enterprise) but we cannot find O365 app using SAML as mentioning into the documentation. We can only find O365 App using WS-Federation. Do you happen to have some documentation about this configuration?

Our scenario is:
PingOne as an IDP and O365 as a Service Provider.

Thank you so much

Hi Rcardia2023,

Thank you for providing additional information regarding your requirements. It appears the issue is that you need to use Ping One Enterprise. However, the documentation available is mainly focused on configuring MS 365 using SAML, while your O365 app requires ws-federation. I did try to find relevant documentation, but it seems that it all leads back to PingFederate.
You can find more information at

Considering the products involved in your use case and the specialized expertise required, I strongly suggest reaching out to the PingOne Enterprise community directly, here. You can post your questions to the experts by registering and logging in. It is not necessary to have access to Enterprise to join.

They can assist you in identifying existing documentation for PingOne Enterprise using WS-Federation. I’m afraid our expertise in this forum is primarily limited to ForgeRock products.
I want to ensure you receive accurate guidance and avoid leading you astray. :)

I hope this information helps.

Thank you,


Sheila, this is exactly what we are finding (O365 as a service provider via SAML). The Pingone we are using dont have this. We are using a trial version. Where this configuration are?

PingOne for Enterprise has different features from the trial version?

I am not allowed to login in PingOne for Enterprise Community.

Help me please.

Hi Rcardia2023,

There should be no restrictions to logging into PingOne for Enterprise Community. Can you tell me what error you are receiving when trying to log in?

Thank you,