PingOne for Enterprise

Using the global REST API client credentials

View and update the global REST API Client ID and REST API Client Secret values.

About this task

As a Service Provider (SP), to integrate your cloud application with PingOne SSO for SaaS Apps, you must assign a REST API Client Secret value. This value with the associated REST API Client ID are the credentials required for basic HTTP authentication between your client and PingOne SSO for SaaS Apps, which creates a secure connection over which your application can receive user attributes.

You can use the REST API Client ID and REST API Client Secret on the Global Credentials tab for all of your application connections and the Customer Connections API. For improved security, you should create separate credentials for each application.

Include these credentials in the Basic authorization header as REST_API_Client_ID:REST_API_Client_Secret using Base64-encoding.

When using cURL, the --user parameter is a wrapper for Basic authentication.

Steps

  1. Go to Account → Integration → Global Credentials.

    If you have not set a global REST API Client Secret, this tab is being deprecated in favor of the new application credential and connection credential tabs.

    If you have set the global REST API Client Secret, you can disable it in favor of the more secure application and connection credentials.

  2. To change the global credentials, click Edit:

    1. Enter a REST API Client Secret value.

    2. Select or clear the Enabled check box.

    When disabled, these credentials are no longer valid for the PingOne SSO for SaaS Apps Customer Connection API or Token Exchange API.

    1. Click Save.

      Your REST API Client ID value is assigned when you activate your PingOne SSO for SaaS Apps account. This value cannot be changed.

Result

Any of your clients that use the PingOne SSO for SaaS Apps Customer Connection API will use these credentials.

Next steps