Using the global REST API client credentials
View and update the global REST API Client ID and REST API Client Secret values.
About this task
As a Service Provider (SP), to integrate your cloud application with PingOne SSO for SaaS Apps, you must assign a REST API Client Secret value. This value with the associated REST API Client ID are the credentials required for basic HTTP authentication between your client and PingOne SSO for SaaS Apps, which creates a secure connection over which your application can receive user attributes.
You can use the REST API Client ID and REST API Client Secret on the Global Credentials tab for all of your application connections and the Customer Connections API. For improved security, you should create separate credentials for each application.
For more information on creating additional credentials, see Creating or editing application-specific credentials and Creating or editing additional Connection API credentials.
|
Include these credentials in the Basic authorization header as When using cURL, the |
Steps
-
Go to Account → Integration → Global Credentials.
If you have not set a global REST API Client Secret, this tab is being deprecated in favor of the new application credential and connection credential tabs.
If you have set the global REST API Client Secret, you can disable it in favor of the more secure application and connection credentials.
-
To change the global credentials, click Edit:
-
Enter a REST API Client Secret value.
-
Select or clear the Enabled check box.
When disabled, these credentials are no longer valid for the PingOne SSO for SaaS Apps Customer Connection API or Token Exchange API.
-
Click Save.
Your REST API Client ID value is assigned when you activate your PingOne SSO for SaaS Apps account. This value cannot be changed.
-
Result
Any of your clients that use the PingOne SSO for SaaS Apps Customer Connection API will use these credentials.