PingAuthorize

Configuring PingOne for PingAuthorize policy administration

About this task

The following configuration allows PingOne to authorize external access to the PingAuthorize Policy Editor.

Steps

  1. Sign on to PingOne and click your environment.

    Choose from:

    • If you have an account, go to the URL for your environment. Each environment has a unique URL for signing in. It follows the format https://console.pingone.com/?env=<environmentID>.

    • If you do not already have an account, create one at Try Ping.

  2. To create an application in PingOne to represent the PingAuthorize Policy Editor, go to Connections → Applications and click the icon.

  3. Enter a name for the application, such as PingAuthorize Policy Editor.

  4. Optional: Enter a description and add an icon.

  5. Click OIDC Web App, and then click Save.

  6. On the Configuration tab, click the Pencil icon to edit the settings.

  7. From the PKCE Enforcement list in the Grant Type section, select S256_REQUIRED.

  8. In the Redirect URIs field, enter a redirect URL that follows the format https://<pap.hostname:port>/idp-callback.

  9. In the Token Endpoint Authentication Method section, click None.

  10. Click Save.

  11. On the Resources tab, click the pencil icon to edit the settings.

  12. In the Scopes list, click the icon to add the email and profile scopes to the Allowed Scopes list.

  13. Click Save.

  14. To enable the application, click the toggle.

    Screen capture of the toggle to enable the PingAuthorize Policy Editor application
  15. Copy the following IDs:

    • Client ID: To find the Client ID, go to the application’s Profile tab.

    • Environment ID: To find the Environment ID, click Environment in the left navigation pane.

      You’ll need them when you configure the Policy Editor to use PingOne.