home

Mobile Endpoint Security

Mobile Endpoint SecuritySecurity Service Edge
Mobile Endpoint SecuritySecurity Service Edge

Lookout Product Documentation

Find answers about using and optimizing Lookout products.

Show Contents

Mobile Endpoint Security

Setting Up PingFederate

Configure Assertion Creation

  1. On the Assertion Creation tab, click CONFIGURE ASSERTION CREATION.
  2. Check Standard, then click Next.
  3. In the SAML_SUBJECT dropdown, select urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified:


  4. Under Extend the Contract, click the Add button on the right and create each of the following attributes:
    AttributeFormatDescription
    ent

    All attributes use the format

    urn:oasis:names:tc:SAML:2.0:

    attrname-format:basic

    		This is a static value provided by Lookout. It is the GUID generated when creating the enterprise tenant, for example: 7e1a2620-b8ab-4fd1-a8c7-4a2b980ec23a
    givenname
    		The user's first name.
    mail
    		The user's email.
    memberof
    		The user's group membership.
    sn
    		The user's last name.
    upn
    		AD User Principal name.
  5. Click Next.
  6. Click Map New Adapter Instance:


  7. Under Adapter Contract, select RETRIEVE ADDITIONAL ATTRIBUTES FROM MULTIPLE DATA STORES USING ONE MAPPING, then click Next.
  8. Select your data source.
    The example below uses an LDAP instance.



  9. In the LDAP Directory Search tab, select the attributes that map to the custom attributes created in Step 4:


  10. In the LDAP Filter tab, create a search filter that looks up user information based on the username value:


  11. Click Done.
  12. In the Attribute Contract Fulfillment tab, map the SAML attributes from your new Active Directory or LDAP Adapter, with two exceptions:
    • SAML_SUBJECT uses the default Adapter value to get the username from the login HTML form.
    • ent takes the enterprise tenant GUID, which is provided to you by Lookout.


  13. On the Issuance Criteria tab, optionally select authorization conditions, then click Next.
  14. Click Done.
  15. On the Authentication Source Mapping tab, click Next.
  16. Click Done.
  17. On the Assertion Creation tab, click Next.

Last updated: November 20, 2024

lookout-footer

Legal Privacy Policy Cookie Policy Transparency Report Compliance Info Compliance Info (Gov)

© 2024 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design® and the Lookout multi-color/multi-shaded Wingspan Design® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, and the 4 Bar Shield Design.