PingFederate Server

Creating connections to PingOne

Administrators can create connections between PingFederate and PingOne that some PingFederate plugins can use to access services provided by PingOne.

About this task

In the following procedure, you create a connection profile and credential in PingOne. Then you use the credential in PingFederate to establish the connection. So you need administrative access to both applications. NOTE: You cannot use the same credential in multiple extant connections.

After creating the connection, you can use it to configure PingFederate plugins that support connections to PingOne, such as the PingOne MFA and PingOne Protect plugins.

For more information about these connections, see Connections to PingOne in the PingFederate documentation and PingFederate connections in the PingOne documentation.

Steps

  1. In PingOne, create a connection profile and credential:

    1. Go to Connections → Product Platform → PingFederate.

    2. Click Add Connection.

    3. On the Create Connection Profile window, enter a Connection Name and Description.

    4. Click Save and Continue.

    5. On the Establish Connection with PingFederate window, copy the connection credential by clickingCopy to Clipboard.

    6. If you will not perform step 2 now, paste and save the credential in a text file because this is the only time you can view and copy the credential.

  2. In PingFederate, establish the connection:

    1. Go to System → External Systems → PingOne Connections.

    2. On the PingOne Connections window, click Add Connection.

    3. On the Add Connection window, paste the credential that was created in step 1.

    4. Enter a new Connection Name or keep the auto-populated name, which is the name of your organization on PingOne. Ensure the name is unique.

    5. Enter a Connection Description.

    6. Click Save. The PingOne Connections window shows the new connection. The connection is enabled by default.

  3. Optional: Configure the PingOne unified admin icon in the navigation menu to access your PingOne admin console from PingFederate.

    1. Edit the <pf_install>/pingfederate/bin/run.properties file.

    2. Modify the pf.pingone.admin.url.region and pf.pingone.admin.url.environment.id properties for your environment.

      For more information on these properties, see Configuring PingFederate properties.

    3. Restart PingFederate.

Next steps

After you create a connection, you can:

  • use the connection to configure PingFederate plugins that support these kinds of connections

  • change which environments in PingOne the connection can access

  • replace or revoke the connection’s credentials

  • disable the connection

  • change the connection’s name or description

For more information, see Modifying connections to PingOne.