PingDirectory

Installing the application

The steps for installing the Delegated Admin application depend on:

  • The application host’s operating system (OS): Unix, Linux, or Windows

  • The identity provider (IdP): PingFederate or generic OpenID Connect (OIDC)

To install Delegated Admin, select your OS and IdP and follow the instructions in the corresponding section.

Don’t assign a value to window.PF_PORT in the config.js file if PingFederate uses port 443 but doesn’t specify that port in the PingFederate base URL, regardless of the OS.

Unix or Linux

Steps

  1. Run the following script in the /delegator directory.

    $ ./set-up-delegator.sh

  2. Enter the PingDirectory base DN for Delegated Admin resource data when prompted.

  3. Respond to the Use PingFederate as OAuth provider? prompt:

    Choose from:

    • To use PingFederate as your IdP, enter y.

      • The script generates several requests for information about your PingFederate server. Enter your own values where applicable, or press Enter to accept the default values.

    • To use a generic OIDC provider as your IdP, enter n.

      • Enter the OIDC authority URL and OIDC client ID when prompted. You copied these values from your OIDC provider when you configured the OIDC client for Delegated Admin. Learn more in Configuring other OIDC identity providers.

  4. Respond to the remaining command-line prompts.

Result

For either of the IdPs, the system generates:

  • A configuration file, config.js, located in the /webapps/delegator/app directory.

  • A batch file, delegated-admin.dsconfig, in the /webapps/delegator directory.

    If you answer y to the setup script question Is Delegated Admin being installed in a topology containing PingDirectoryProxy?, the system also generates a batch file, delegated-admin-for-proxy.dsconfig in the /webapps/delegator directory.

Next steps

Proceed to Completing the installation to complete the installation of Delegated Admin.

Windows

Steps

  1. In the Delegated Admin application directory, copy or rename the file example.config.js to config.js.

    The config.js file contains comments and placeholders for necessary information.

  2. Open config.js in a text editor.

  3. Change the variable values to match your setup configuration.

    config.js variable IdP Value

    window.AUTHENTICATE_WITH_PKCE

    PingFederate or other OIDC providers

    Specifies whether Delegated Admin should authenticate using the Authorization Code with PKCE grant.

    This value must be set to true for a generic OIDC provider.

    window.DADMIN_CLIENT_ID

    PingFederate or other OIDC providers

    Client ID for the PingFederate or OIDC client.

    window.OIDC_AUTHORITY

    Other OIDC providers

    OIDC authority URL for the OIDC client.

    window.PF_HOST

    PingFederate

    Public address of the PingFederate server to which the application redirects the user’s browser when signing on.

    window.PF_PORT

    PingFederate

    PingFederate port number.

  4. Save your changes to config.js.

  5. Concatenate the following files into a single file named delegated-admin.dsconfig:

    • delegated-admin-template-common.dsconfig

    • delegated-admin-template-ds.dsconfig

    • delegated-admin-template-webapp.dsconfig

    • delegated-admin-template-ds-or-proxy.dsconfig

      If you are not using PingFederate as your OIDC provider:

      Include:

      • delegated-admin-template-ds-or-proxy-no-pf.dsconfig

      Instead of:

      • delegated-admin-template-ds-or-proxy.dsconfig

  6. Open delegated-admin.dsconfig in a text editor and replace the variables, ${variable}, with actual values.

  7. Save your changes to delegated-admin.dsconfig.

Next steps

Proceed to Completing the installation to complete the installation of Delegated Admin.