PingDirectory

Configuration overview

To operate Delegated Admin, you must install and configure PingDirectory server and have one of the following identity provider (IdP) options available:

  • An installed and configured PingFederate server

  • Other configured OpenID Connect (OIDC) providers

For installation instructions, see the documentation for each product. Learn more about the Delegated Admin Installation requirements.

To configure support for Delegated Admin on a PingDirectory server, complete the following tasks:

  • Configure users as Delegated Admin administrators.

  • Configure attributes and attribute searching.

  • Configure groups whose management requires delegation.

To configure support for using PingFederate as the IdP, complete the following tasks:

  • Configure PingFederate as the identity provider for Delegated Admin.

  • Configure PingFederate as the OAuth server for Delegated Admin.

  • Register Delegated Admin as a client.

  • Register the PingDirectory server as an OAuth token validator client.

To configure support for using an OIDC provider as the IdP, complete the following tasks:

  • Configure the OIDC provider as the identity provider for Delegated Admin.

  • Configure an identity mapper.

  • Configure an access token validator.