PingCentral

Promoting OAuth and OIDC applications

You can promote the OAuth and OIDC applications assigned to you.

Before you begin

Prepare to provide the following:

  • Redirect URIs, if required. These are the URIs your users will be directed to after they receive authorization to access your application. Redirect URIs are only required when promoting applications that use an authorization code and implicit grant types.

    Redirect URIs are not limited to the number of characters they can contain, but cannot include wildcards or some special characters.

  • If a client secret is required to authenticate your application, you can create a custom secret, generate a secret, or leave the field empty and PingCentral will generate a client secret for you.

Steps

  1. To promote the application to an environment, click the expandable icon associated with the application, select the Promote tab, and click Promote.

    If an environment is offline or if a PingCentral administrator has set the environment status to Disabled, you will be unable to promote the application to a disabled or offline environment.

  2. From the Available Environments list, select the environment to which you want to promote the application.

    If you have the Application Owner role, you cannot promote applications to protected environments, which have shield icons associated with them.
  3. If curly brackets display in the upper right corner of the window, you have the ability to edit the underlying application JSON yourself. Or, you can complete the fields on this window.

    If you choose to complete the fields on this window, refer to the following:

    1. If redirect URIs are required to promote the application, enter them in the Redirect URIs field.

    2. If a client secret is required to authenticate your application, you can either:

      • Generate a new secret by selecting the option at the bottom of the modal.

      • Continue using the existing secret. Bypass the Generate New Secret button and promote the application.

    To edit the JSON yourself:

    1. Click the curly brackets.

      Result:

      The application JSON displays in the window.

    2. Update the JSON to meet your needs. Built-in JSON syntax validation occurs as you make updates to help prevent mistakes.

    3. When you’re finished, promote the application.

      Result:

      PingCentral promotes your application to the designated environment in PingFederate. You will see the new promotion in the History section of the page.

  4. To configure the SSO connection, provide the following information to your service provider:

    • The Client ID. Click View Client Details to access the Promotion Details window, which displays the client ID.

    • The OIDC discovery endpoint and client secret are also available in this window.

      This example displays the Client ID, the OIDC discovery endpoint, and the client secret on the Promotion Details modal.