PingDirectory

Configuring other OIDC identity providers

Complete the following steps to configure a non-PingFederate OpenID Connect (OIDC) provider as the identity provider for Delegated Admin.

Steps

  1. Create an OIDC client and specify the following values:

    • Redirect URI: http://<hostname:port>/delegator/

      This is the server that hosts the Delegated Admin web application. Your OIDC client might also call this value Redirect URL, Callback URI, or Callback URL.

    • Scopes: urn:pingidentity:directory-delegated-admin

    • Grant type: Authorization code

    • PKCE enforcement: Required

    • Token endpoint authentication method: None

  2. Make a note of the following OIDC client values, which are required to install Delegated Admin:

    • Client ID

    • OIDC authority URL

      This value represents the base URL of the OIDC client’s Discovery endpoint. Your OIDC provider might use a different name for this URL.

Next steps

After installing Delegated Admin, configure PingDirectory to use the OIDC provider as the identity provider.