Promoting OAuth and OIDC applications
You can promote the OAuth and OIDC applications assigned to you.
Before you begin
Prepare to provide the following:
-
Redirect URIs, if required. These are the URIs your users will be directed to after they receive authorization to access your application. Redirect URIs are only required when promoting applications that use an authorization code and implicit grant types.
Redirect URIs are not limited to the number of characters they can contain, but cannot include wildcards or some special characters.
-
If a client secret is required to authenticate your application, you can create a custom secret, generate a secret, or leave the field empty and PingCentral will generate a client secret for you.
Steps
-
To promote the application to an environment, click the expandable icon associated with the application, select the Promote tab, and click Promote.
If an environment is offline or if a PingCentral administrator has set the environment status to Disabled, you will be unable to promote the application to a disabled or offline environment.
-
From the Available Environments list, select the environment to which you want to promote the application.
If you have the Application Owner role, you cannot promote applications to protected environments, which have shield icons associated with them. -
If redirect URIs are required to promote the application, enter them in the Redirect URIs field.
-
Optional: If curly brackets display in the upper right corner of the window, as shown below, you can customize the raw JSON yourself.
-
Click the curly brackets.
Result:
The raw JSON displays in the window.
-
Update the JSON to meet your needs. This information is validated as you make updates to help prevent mistakes.
-
Click Promote.
-
-
If a client secret is required to authenticate your application, you can:
-
Create a custom secret and enter it in the Client Secret text box.
If your PingCentral administrator has chosen to enforce random secret generation, application owners will be unable to create their own secret, and PingCentral will generate a random client secret.
-
Generate a client secret by clicking the Generate Secret button.
-
-
Click Promote.
Result:PingCentral promotes your application to the designated environment in PingFederate. You will see the new promotion in the History section of the page.
-
To configure the SSO connection, provide the following information to your service provider:
-
The client ID. Click View Client Details to access the Promotion Details window, which displays the client ID.
-
The client secret and OIDC discovery endpoint are also available in this window.
-