Setup

Resources

For information and setup help, see the following:

Requirements

To use the connector, you'll need:

  • An Advanced Identity Cloud license
  • A license for Identity Governance

Setting up PingOne Advanced Identity Cloud

To allow DaVinci to access PingOne Advanced Identity Cloud environment, create an application:

  1. In PingOne Advanced Identity Cloud, go to Applications.
  2. Click + Custom Application.
  3. Select OIDC - OpenId Connect, then click Next.
  4. Select Web, then click Next.
  5. Enter the application name and description, and select an owner. Click Next.
  6. Define a client ID and secret.
    Note:

    The Client ID and Client Secret are needed for the connector configuration.

  7. Click Create Application.
  8. On the application details view, go to the Sign On tab.
  9. In the PingOne Advanced Identity Cloud Login connector configuration, copy the DaVinci Redirect URL value from the connector settings and paste it into the Sign-in URLs field.
  10. For Grant Types, use the defaults (Authorization Code, Client Credentials, and Refresh Token).
  11. For Scopes, use openid at minimum. You can define additional OIDC scopes, such as profile, email, address, and phone.
  12. Click Save.

Configuring the PingOne Advanced Identity Cloud Login connector

Add the connector in DaVinci as shown in Adding a connector, then configure it as follows.

Connector configuration

Client ID
The client ID you defined when configuring your application in PingOne Advanced Identity Cloud.
Client Secret
The client secret you defined when configuring your application in PingOne Advanced Identity Cloud.
Issuer URL
The URL containing information about the identity provider (IdP) that can be validated.
Scope
The OpenID Connect (OIDC) scopes used to request certain information about the user. Separate scopes with a space, such as openid email profile.
Application Redirect URL
Your application's redirect URL, such as "https://app.yourorganization.com/". Enter this URL if you embed the DaVinci widget in your application. This allows DaVinci to redirect the browser back to your application.
DaVinci Redirect URL
Enter this URL in your Advanced Identity Cloud console under the Application tab.

Using the connector in a flow

Authenticating users

You can use the PingOne Advanced Identity Cloud Login capability to authenticate users, with Advanced Identity Cloud acting as a social identity provider.

The connector redirects the browser to Advanced Identity Cloud, initiates the default journey to allow the user to authenticate, then returns to DaVinci with the authentication result.