PingOne Advanced Services

Configuring connections for SSO

To allow administrators to use single-sign on (SSO) to access PingOne Advanced Services and the appropriate admin consoles, configure the connections.

Before you begin

Ensure that:

  • Your PingOne environment is provisioned.

  • You have administrator credentials to sign on to the environment.

  • You have the region domain and environment ID for the PingOne Advanced Services environment, which you can get from your Ping Identity team members.

You can configure connections manually or by using Postman. If you use Postman, you’ll need to ensure that several collection variables are set and that Postman is correctly configured. To learn more, see Configuring Postman.

Regardless of which method you choose, you’ll need to complete these steps:

Steps

  1. Create custom attributes to authenticate users when they sign on.

  2. Create an OIDC application and configure it to connect the PingOne environment to the PingOne Advanced Services environment.

  3. Configure the identity provider. There are a variety of ways the identity provider (IdP) can be configured.

    Users can be managed:

    • In the same PingOne environment that contains the OIDC application connection to PingOne Advanced Services, which is the default.

    • In a PingOne environment that does not contain the OIDC application connection.

    • By another identity provider who uses OIDC.

  4. If you have the Postman application, you can validate the configuration by running a Postman collection.

  5. Submit a service request to the Support and Professional Services teams to provide them with details regarding the OIDC application and the name that should display when users sign on.

    If users report that they can’t access the admin consoles, see Troubleshooting, which provides step-by-step instructions for troubleshooting the connections.