PingOne

Scenario 2: Promotion with dependencies (early access)

Similar to the first scenario, the goal of this scenario is for you to complete a promotion of an application from the Promotion-Source environment to the Promotion-Target environment. In this case, you’re promoting My SAML app, which has several dependent resources.

When you open the details panel for the My SAML app and click the Policies tab, you can see it’s assigned the BX-Corp-MFA-auth authentication policy.

A screenshot of the Policies tab for My SAML app, showing the BX-Corp-MFA-auth policy assigned.

When you look at the details for the BX-Corp-MFA-auth policy, you’ll see that it’s configured in turn to reference the BX Corp MFA policy.

A screenshot of the BX-Corp-MFA-auth policy configuration, showing the BX Corp MFA policy.

Finally, if you view the details for the BX Corp MFA policy, you can see that it references the FIDO Passkeys policy.

A screenshot of the BX Corp MFA policy configuration, showing the FIDO Passkeys policy.

A successful promotion of My SAML app depends on promoting each of these policies. If one or more of these policies isn’t promoted, user access to the app might not work properly.

You won’t need to keep track of the dependencies manually. The PingOne promotion service tracks them automatically and then lets you decide how to map them to resources in the target environment.

Configure promotion variables in the source environment

As you prepare for your promotion, determine whether you want to define any promotion variables.

For this scenario, you’ll define variables for ACS URLs and Default Target URL.

Steps

  1. Sign on to the PingOne admin console for the Promotion-Source environment.

  2. Go to Promote > Promotion Variables and click Create Promotion Variable.

  3. In the Select Target Environment modal, select Promotion-Target in the Target Environment list.

  4. Select The correct environment is selected and I want to continue and click Confirm.

  5. On the Create Variables page, in the Resource Details section, select Application in the Category list and SAML in the Sub-category list.

    You might need to click Reload resources list to pick up categories for configuration resources that were recently added to the environment.

  6. Select ACS URLs and Default Target URL, then click Next.

  7. Set the following variable values to use in the Promotion-Target environment.

    The values for the source environment are displayed on the left, and you define the target environment values on the right.

    • ACS URLs: https://test-acs.url.com

    • Target Application URIs: https://test-mysamlapptarget.com

  8. Click Next.

  9. On the Review and Save page, confirm the variable configuration and click Save.

Result

You’re returned to the Promotion Variables page. My SAML App is listed in the Resources with Variables section, along with My First App from scenario 1.

A screenshot of the Promotion Variables page showing My SAML App and My First App in the Resources with Variables list.

Configure and run the promotion in the source environment

To configure the promotion, you’ll confirm the target environment, select the resource to promote (My SAML app), and determine whether the resource should be created as new in the target environment or mapped to an existing resource. You’ll also determine how to manage several dependencies. Then you’ll run the promotion.

Steps

  1. In the PingOne admin console for the Promotion-Source environment, go to Promote > Promotions.

  2. Click Run a Promotion.

  3. On the Confirm Target Environment modal, ensure that Promotion-Target is selected in the Target Environment list.

  4. Select The correct environment is selected and I want to continue and click Confirm.

    A screenshot of the Confirm Target Environment modal with Promotion-Target selected in the Target Environment list and the confirmation checkbox selected.

    After you confirm the target environment, PingOne takes snapshots of both environments, compares configuration resources, and lists the resources that you can promote.

    A screenshot of the Select Resources to Promote page without anything selected.

  5. On the Select Resources to Promote page, search for My SAML App and select it.

    A screenshot of the Select Resources to Promote page with My SAML App selected.

  6. Click Next.

    On the Map Resources page, you can see that the promotion service didn’t find a corresponding resource in the Promotion-Target environment. In this case, we’ll promote the app as a new resource.

    A screen shot of the Map Resources modal with My SAML App in the Source field.

  7. Click Confirm and Continue.

  8. On the Auto-Selected Dependencies page, the policies discussed in the introduction are listed.

    A screenshot of the Auto-Selected Dependencies page listing the dependent policies.

  9. Click Continue.

  10. Map the dependencies to existing resources in the target environment or create them as new resources.

    A screenshot of the Auto-Selected Dependencies page with mapping options.

    In this example, the promotion service found a likely match for the Passkeys policy, and has automatically selected to map the policy in the source environment to the policy in the target environment.

    If you wanted to keep the existing policy in the target environment and add this one as new, you’d click the Map toggle to the off position (gray).

    The service didn’t find matches for either of the other policies, and will promote them as new resources. Again, if you don’t agree with the recommendations, click the Map toggle to the on position (blue) and select a resource from the Target list to map to.

  11. When you’ve made any necessary adjustments, click Confirm.

  12. On the Confirm Promotion page, review the details for the promotion and enter release notes.

    A screenshot of the Confirm Promotion page

  13. Click Run Promotion.

Result

You’re returned to the Promotions page and the current promotion is listed with a status of In Progress. After about 30 seconds, refresh the page. The status will change to Success for a successful promotion.

A screenshot of the Promotions page showing a successful promotion.

Verify the promotion

To verify the results of the promotion, first confirm the details of the promotion in the source environment, then ensure that the My SAML app application and its dependencies now exist in the target environment.

Steps

  1. In the PingOne admin console for the Promotion-Source environment, go to Promote > Promotions.

  2. Locate the promotion in the list, click the More Options icon (⋮), and select View.

    Promotions are listed in reverse chronological order, so the most recent promotion appears at the top of the list.
    A screenshot of the Promoted Resources tab of the promotion details panel showing the list of promoted resources, including My SAML App and its dependencies.

  3. On the Overview tab, click View Target Environment.

    You’re taken to the PingOne admin console for the target environment so that you can confirm that the promoted resources exist and match what you expect.

  4. For this scenario, go to Applications > Applications, browse or search for My SAML app, and click it to open the details panel.

    A screenshot of the details panel for the My SAML app application in the target environment, showing the settings defined in variables in the source environment.

Result

My SAML app now exists in the Promotion-Target environment, as do its associated dependencies.

You can also verify the status of the promotion by running an audit report and selecting the Promotion Executed event. Other promotion-related events include Promotion Created, Promotion Deleted, and so on. You can find more information about auditing reports in Running an audit report.
A screenshot of the Audit Parameters page with the Promotion events listed and the Promotion Executed event selected.