Connectors

PingOne Advanced Identity Cloud Login Connector

The PingOne Advanced Identity Cloud Login connector lets you authenticate users using the default journey in PingOne Advanced Identity Cloud in your PingOne DaVinci flow.

Setup

Resources

For information and setup help, see the following:

Requirements

To use the connector, you’ll need:

  • An Advanced Identity Cloud license

  • A license for Identity Governance

Setting up PingOne Advanced Identity Cloud

To allow DaVinci to access PingOne Advanced Identity Cloud environment, create an application:

  1. In PingOne Advanced Identity Cloud, go to Applications.

  2. Click Custom Application.

  3. Select OIDC - OpenId Connect, then click Next.

  4. Select Web, then click Next.

  5. Enter the application name and description, and select an owner. Click Next.

  6. Define a client ID and secret.

    The Client ID and Client Secret are needed for the connector configuration.

  7. Click Create Application.

  8. On the application details view, go to the Sign On tab.

  9. In the PingOne Advanced Identity Cloud Login connector configuration, copy the DaVinci Redirect URL value from the connector settings and paste it into the Sign-in URLs field.

  10. For Grant Types, use the defaults (Authorization Code, Client Credentials, and Refresh Token).

  11. For Scopes, use openid at minimum. You can define additional OIDC scopes, such as profile, email, address, and phone.

  12. Click Save.

Configuring the PingOne Advnaced Identity Cloud Login connector

Add the connector in DaVinci as shown in Adding a connector, then configure it as follows.

Connector configuration

Client ID

The client ID you defined when configuring your application in PingOne Advanced Identity Cloud.

Client Secret

The client secret you defined when configuring your application in PingOne Advanced Identity Cloud.

Issuer URL

The URL containing information about the identity provider (IdP) that can be validated.

Scope

The OpenID Connect (OIDC) scopes used to request certain information about the user. Separate scopes with a space, such as openid email profile.

Application Redirect URL

Your application’s redirect URL, such as "https://app.yourorganization.com/". Enter this URL if you embed the DaVinci widget in your application. This allows DaVinci to redirect the browser back to your application.

DaVinci Redirect URL

Enter this URL in your Advanced Identity Cloud console under the Application tab.

Using the connector in a flow

Authenticating users

You can use the PingOne Advanced Identity Cloud Login capability to authenticate users, with Advanced Identity Cloud acting as a social identity provider.

The connector redirects the browser to Advanced Identity Cloud, initiates the default journey to allow the user to authenticate, then returns to DaVinci with the authentication result.