# Introduction to SAML with Ping Identity

For an overall understanding of the SAML authentication feature, read the [overview](https://docs.sonarsource.com/sonarqube-server/instance-administration/authentication/saml/overview "mention") page.

To set up SAML with PingOne or PingFederate:

1. If you want to use Just-in-Time provisioning with the group synchronization feature, verify the user groups in SonarQube Server so that the automatic group synchronization can take place properly. See [#justintime-provisioning](https://docs.sonarsource.com/sonarqube-server/instance-administration/overview#justintime-provisioning "mention").
2. Make sure your SonarQube Server URL is set in SonarQube Server. See [server-base-url](https://docs.sonarsource.com/sonarqube-server/instance-administration/server-base-url "mention").
3. Register SonarQube Server in PingOne or PingFederate. See[setup-in-ping-identity](https://docs.sonarsource.com/sonarqube-server/instance-administration/authentication/saml/ping-identity/setup-in-ping-identity "mention").
4. Configure SAML in SonarQube Server. See[setup-in-sq](https://docs.sonarsource.com/sonarqube-server/instance-administration/authentication/saml/ping-identity/setup-in-sq "mention").
5. Optionally, set up security features. See [optional-security-features](https://docs.sonarsource.com/sonarqube-server/instance-administration/authentication/saml/ping-identity/optional-security-features "mention").

{% hint style="info" %}
Starting in [Enterprise Edition](https://www.sonarsource.com/plans-and-pricing/enterprise/), in addition to the SAML setup, you can configure SCIM to automatically provision users and groups to SonarQube. For more information, see [overview](https://docs.sonarsource.com/sonarqube-server/instance-administration/authentication/saml/scim/overview "mention").
{% endhint %}