Creating a native app
In this example, you’ll configure a full flow, accessing and authenticating an OpenID Connect (OIDC)mobile app.
-
Console
-
API
Creating a native app using the admin console
Steps
-
Go to Applications → Applications.
-
Click the icon.
Result:
The Add Application panel opens.
-
Enter an appropriate Application Name and a Description.
Example:
For example,
Getting Started Native App
. -
In the Choose Application type section, click Native.
-
Click Save.
Result:
The details panel opens. Applications are granted OAuth scopes so that they can access PingOne platform resources.
-
On the Configuration tab, click the Pencil icon.
-
In the Redirect URIs field, enter your mobile application’s redirect URL.
Example:
For example,
http://localhost
. -
Click Save.
-
To grant access to your application, go to the Access tab and click the Pencil icon.
-
Click to select the appropriate groups.
-
Click Save.
-
On the Resources tab, click the Pencil icon.
-
In the Search Scopes field, enter
profile
.This filters the list of resource types, so that only the OpenID profile scope remains visible in the scopes selection list.
-
On the Profile Scope tab, click the icon or drag it to the Allowed Scope column.
-
Click Save.
-
To map your PingOne user-defined attributes to your corresponding application attributes, on the Attribute Mappings tab, click the Pencilicon.
-
Click Add and complete the Attributesand corresponding PingOne Mappings fields.
-
Click Save.
-
At the top right of the web application’s profile, click the toggle to enable it.
Your new native app appears on the Applications page.
Next steps
Creating a native app using the API
About this task
Application developers can use the API operations to create a native app.
Steps
-
Use the access token generated through the worker app and the following
POST
operation:POST https://api.pingone.com/v1/environments/{{envId}}/applications
Example:
POST https://api.pingone.com/v1/environments/{{envId}}/applications { "enabled": true, "name": "NativeApp", "description": "Mobile App", "type": "NATIVE_APP", "protocol": "OPENID_CONNECT", "grantTypes": [ "AUTHORIZATION_CODE" ], "redirectUris": [ "pingonesdk://sample" ], "responseTypes": [ "CODE" ], "tokenEndpointAuthMethod": "CLIENT_SECRET_BASIC" }
-
To grant access to the web app and at least one scope in the system, you first must get the resource and scope IDs by using the following
GET
operation:GET https://api.pingone.com/v1/environments/{{envId}}/resources?expand=scopes
For details see GET: Step 3: Get the list of resources and GET: Step 4: Get all scopes in the API reference.
-
To create grants, use the following
POST
operation:POST https://api.pingone.com/v1/environments/{{envId}}/applications/{{webAppId}}/grants
For details, see POST: Step 5: Create the application’s resource access grant in the API reference.
-
To create push credentials, use the corresponding
POST
operation for your mobile operating system:Choose from:
-
For an Android app:
POST https://api.pingone.com/v1/environments/{{envId}}/applications/{{nativeAppId}}/pushCredentials { "type": "FCM", "key": "{{fcmServerKey}}" }
-
For an iOS app:
POST https://api.pingone.com/v1/environments/{{envId}}/applications/{{nativeAppId}}/pushCredentials { "type": "APNS", "key": "{{appleKey}}", "teamId": "{{appleTeamId}}", "token": "-----BEGIN PRIVATE KEY-----\n{{appleToken}}\n-----END PRIVATE KEY-----" }
-