PingCentral

Updating environments

Update PingFederate and PingAccess environment information at any time.

Steps

  1. To manage the environment maintenance status, see the following choices:

    Choose from:

    • To indicate that an environment is down for maintenance, toggle the switch on the applicable environment status bar from left (green) to right (gray). This action signals to application owners that the environment is undergoing maintenance and is now Disabled. This prevents PingCentral from connecting to the environment, avoiding UI errors.

    • To revert maintenance status, toggle the switch on the applicable environment status bar from right (gray) to left (green). This action removes the maintenance Disabled status, allowing application owners to resume interactions with the environment. This is the default status.

      If an environment is offline or Disabled, the environment information displays a gray OFFLINE status bar. If an environment status is unknown, the status bar is unavailable.

  2. To edit environment information, click the expandable icon associated with it, and then click the Pencil icon.

    All of the editable information displays on one page.

    Option Description

    Update the name and description

    To update the name and description, change the information in the Name, Short Code, and Description fields.

    Update the assertion encryption certificate

    To update the assertion encryption certificate, click Choose to upload a new certificate and enter the certificate password in the appropriate field.

    Update connection information

    To update the connection, ensure that the authentication method you want to use is selected:

    • Native: Update the Username and Password fields for your PingFederate or PingAccess environments.

    • OAuth2: Update the information in the Token Endpoint URL, Client ID, Client Secret, and Scopes fields.

    • Client Certificate: Update the certificate used for mTLS.

      If a PingAccess environment is added to PingCentral and removed through the edit page, the connection information is saved and restored if the PingAccess environment is selected again.

    Configure promotion approval requirements

    To configure if non-administrators need approval for promoting an application to an environment, select an option from the Approval Type.

    Choose from:

    • Select No Approval to allow non-administrators to promote applications to the environment freely.

    • Select Approval Required to indicate that application promotion requires approval.

    • Select Require Approval If Any Expression Fails and see Creating and testing approval expressions at the bottom of this page for details.

    • Select Require Approval If Any Expression Succeeds and go to Creating and testing approval expressions on this page.

    Update the JSON editing option

    If you want application owners to be able to edit the underlying application JSON when they promote their OAuth and SAML applications, select Allow JSON editing for application promotions.

    Providing application owners with this ability can be risky, so it’s highly recommended that you require promotion requests to be approved. That way, you’ll be able to compare the submitted application JSON to the original application JSON before you approve the promotion.

    Add or remove the enforcement of random client secret generation

    To enforce random secret generation and restrict non-administrators from creating their own, select the Enforce Random Client Secrets check box. PingCentral will generate random client secrets. To allow non-administrators to generate their own secret, clear the check box.

    Configure application owner deletion access

    To restrict application owners from deleting applications from environments, select the Allow only administrators to delete applications from PingFederate (and PingAccess, when applicable), option.

    Update the signing certificate

    To update the signing certificate used to promote SAML applications, select the appropriate certificate in the Signing Certificate list or upload your own.

    Update the SP certificate

    To update the service provider (SP) certificate, click Choose to upload a new certificate and enter the certificate password in the appropriate field.

    Update the assertion encryption certificate

    To update the assertion encryption certificate, click Choose to upload a new certificate and enter the certificate password in the appropriate field.

  3. Click Save.