Adding Microsoft as an identity provider in PingOne
Configure the identity provider connection in PingOne.
Steps
-
In PingOne, go to Integrations → Provisioning.
-
Click Add Provider.
-
Click Microsoft.
-
On the Create Profile page, enter the following information:
-
Name: A unique identifier for the IdP.
-
Description: (Optional). A brief description of the IdP.
You cannot change the icon and login button, in accordance with the provider’s brand standards.
-
-
Click Continue.
-
On the Configure IDP Connection page, enter the following information:
-
Client ID: The application ID from the IdP that you copied earlier. You can find this information on the Microsoft Entra admin center.
-
Client secret: The application secret from the IdP that you copied earlier. You can find this information on the Microsoft Entra admin center.
-
-
Click Save and Continue.
-
On the Map Attributes page, define how the PingOne user attributes are mapped to IdP attributes. Learn more in Mapping attributes.
-
Enter the PingOne user profile attribute and the external IdP attribute. Learn more about attribute syntax in Identity provider attributes.
-
To add an attribute, click Add attribute.
-
To use the expression builder, click Build and test or Advanced Expression. Learn more in Using the expression builder.
-
Select the update condition, which determines how PingOne updates its user directory with the values from the IdP. The options are:
-
Empty only: Update the PingOne attribute only if the existing attribute is empty.
-
Always: Always update the PingOne directory attribute.
-
-
-
Click Save and Finish.