---
description: Configure PingOne to authorize external access to the Policy Editor.
component: pingauthorize
version: 10.1
page_id: pingauthorize:installing_and_uninstalling_pingauthorize:paz_config_p1az_paz
canonical_url: https://docs.pingidentity.com/pingauthorize/10.1/installing_and_uninstalling_pingauthorize/paz_config_p1az_paz.html
section_ids:
  config_p1_for_paz: Configuring PingOne for PingAuthorize policy administration
  about-this-task: About this task
  steps: Steps
  choose-from: Choose from:
---

# Configuring PingOne for PingAuthorize policy administration

## About this task

Configure PingOne to authorize external access to the Policy Editor.

## Steps

1. Sign on to PingOne and click your environment.

   ### Choose from:

   * If you have an account, go to the URL for your environment. Each environment has a unique URL for signing on that follows the https\://console.pingone.com/?env=\<environmentID> format.

   * If you don't already have a PingOne account, create one at [Try Ping](https://www.pingidentity.com/en/try-ping.html).

2. To create an application in PingOne to represent the Policy Editor, go to **Connections > Applications** and click the **[icon: plus, set=fa]**icon.

3. Enter a name for the application, such as `PingAuthorize Policy Editor`.

4. (Optional) Enter a description and add an icon.

5. Click **OIDC Web App**, and then click **Save**.

6. On the **Configuration** tab, click the **Pencil** icon to edit the settings.

7. In the **PKCE Enforcement** list in the **Grant Type** section, select **S256\_REQUIRED**.

8. In the **Redirect URIs** field, enter a redirect URL that follows the format `https://<pap.hostname:port>/idp-callback`.

9. In the **Token Endpoint Authentication Method** section, click **None**.

10. Click **Save**.

11. On the **Resources** tab, click the **Pencil** icon to edit the settings.

12. In the **Scopes** list, click the **[icon: plus, set=fa]**icon to add the **email** and **profile** scopes to the **Allowed Scopes** list.

13. Click **Save**.

14. Click the toggle to enable the application.

    ![Screen capture of the toggle to enable the Policy Editor application](_images/coo1641513465594.png)

15. Copy the following IDs:

    * **Client ID**: To find the client ID, go to the application's **Profile** tab.

    * **Environment ID**: To find the environment ID, click **Environment** in the left navigation pane.

      |   |                                                                                                 |
      | - | ----------------------------------------------------------------------------------------------- |
      |   | You'll need the client ID and the environment ID to configure the Policy Editor to use PingOne. |