PingOne

Adding a banking application in PingOne

Learn how to create an application in PingOne that is granted access to a generic OAuth resource server. Later, you’ll use this application to demonstrate protection against unauthorized access to a managed API service.

About this task

Create a banking application and its resources. You’ll use the banking application to represent every other API client on the internet that doesn’t have access to the Meme Game API.

First, add a banking resource in PingOne and give it an OAuth scope. Scopes determine the permissions for services that the application can access. Then, add a single page application in PingOne that represents your banking application. Grant permission for the banking application to access your banking resource.

Steps

  1. Add the banking resource in PingOne:

    1. Go to Applications → Resources and click the icon.

    2. For the Resource Name, enter Banking App as a unique identifier for the resource.

      Screen capture of the Create Resource Profile step in PingOne showing the Resource Name, Audience, Description, and Access token time to live fields.
    3. Click Next.

    4. In Attributes, you don’t need to configure any attribute mappings, so click Next.

    5. To configure scopes, click Add Scope.

    6. For the Scope Name, enter banking as an identifier for the scope, and then enter a meaningful Description.

      Screen capture of the Scopes step for a resource in PingOne showing the Scope Name and Description fields.
    7. Click Save.

      Result:

      You’re ready to add a single page banking application in PingOne.

  2. Add the banking application in PingOne:

    1. Go to Applications → Applications and click the icon to add an application.

    2. For the Application Name, enter AAM Tutorial Banking Client as a unique identifier for the application, and then enter a meaningful Description.

    3. For the Application Type, click Single-Page.

      Screen capture of the Name and Description fields and the Application Type options for a new application in PingOne.
    4. Click Save.

  3. To enable the application, click the Enable toggle.

    Screen capture showing the Enable toggle for the banking application.
  4. Configure the banking application to act as an API client without any notion of users.

    Later, this makes testing easier because you won’t have to configure users.

    1. On the Configuration tab, click the Pencil icon.

    2. Under Grant Type, select the Client Credentials check box, and then under Token Endpoint Authentication Method, click the Client Secret Basic option.

      Screen capture showing the Client Credentials check box, Redirect URIs field, and Token Endpoint Authentication Method options for the banking application.
    3. For Redirect URIs, enter the following redirect:

      https://oauth.pstmn.io/v1/callback

      This enables you to sign on as a user from Postman in a later tutorial.

    4. Click Save.

  5. Grant an OAuth scope to your application.

    This allows your application to access banking APIs.

    1. Click the Resources tab, and then click the Pencil icon.

    2. Select the banking check box.

      Screen capture of Edit Resources showing the available scopes for the banking application.
    3. Click Save.

      Keep the banking application open in PingOne for now. You’ll need it in the next task.

Result

You added a single page application in PingOne to represent your banking application and configured it for access to the banking resource.

Next steps

You’re ready to get an access token for the banking application so it can make calls to APIs.