Perform the following steps to configure PingAccess applications.
- Install PingAccess and verify that you can access the administrative console. For information on
installing PingAccess, see Installing and Uninstalling PingAccess.Note:
The default credential set should be changed upon first usage. The default credentials for your PingAccess installation are:
Username: Administrator Password: 2Access
- Configure an application in PingOne.
- Configure PingAccess to use PingOne as the token provider.
-
Create a virtual host.
For more information on creating a virtual host, see Creating new virtual hosts.
- Click Applications and then go to Applications > Virtual Hosts.
- Click + Add Virtual Host.
-
In the Host filed, enter a name for the virtual
host.
For example: myHost.com. You can use a wildcard (*) to indicate that any host name is acceptable. A wildcard host can also be specified, such as
*.example.com
. -
In the Port field, enter the port number for
the virtual host.
For example:
1234
. -
In the Agent Resource Cache TTL (s) field,
indicate the number of seconds the agent can cache resources for this
application.
Note:
Only applies to a destination of type
Agent
. - Click Save.
-
Create a web session.
For more information on creating a web session, see Creating web sessions.
Note:A web session is only used when protecting a web application. To protect APIs, configure an access token validator.
- Click Access and then go to Web Sessions > Web Sessions.
- Click + Add Web Session.
- In the Name field, enter a name for the web session.
- From the Cookie Type list, select your cookie type, either Signed JWT or Encrypted JWT.
- In the Audience field, enter a unique value.
-
In the Client ID field, enter the PingOne client ID.
Tip:
You can find the Client ID on the Profile tab of the application you created.
- From the Client Credentials Type list, select Secret.
- In the Client Secret field, enter the client secret found on the application's Configuration tab.
- Click Show Advanced .
-
In the Scopes section, specify one or more
scopes.
Note:
Ensure the scopes you specify match those configured for the PingOne application. Find the scopes on the Access tab of your PingOne application.
- Click Save.
-
Create a site.
For more information on creating a site, see Adding sites.
Note:In some configurations, a site might contain more than one application. A site can be used with more than one application, where appropriate.
- Click Applications and then go to Sites > Sites.
- Click + Add Site.
- Specify a Name for the site.
-
Enter the site Target.
The target is the hostname:port pair for the server hosting the application. Do not enter the path for the application in this field. For example, an application at https://mysite:9999/AppName will have a target value of mysite:9999.
- From the Secure list, select whether or not the target is expecting secure connections.
- If the target is expecting secure connections, from the Trusted Certificate Group list, select Trust Any.
- Click Save.
-
Create an application in PingAccess for each application that you want to
protect.
For more information on creating an application, see Adding an application.
- Click Applications and then go to Applications > Applications.
- Click + Add Application.
- In the Name field, enter a name for the application.
- In the Description field, optionally enter a description for the application.
-
In the Context Root field, specify the context
root for the application.
For example, an application at https://mysite:9999/AppName will have a context root of
/AppName
. If the application is on the root of the server, you can set the context root as/
. The context root must begin with a slash (/), must not end with a slash (/), and can be more than one layer deep, for example,/Apps/MyApp
. -
From the Virtual Host list, select the virtual
host you created.
Note:
The combination of virtual host and context root must be unique in PingAccess.
- From the Application Type list, select Web.
- From the Web Session list, select the web session you created.
- From the Site list, select the site you created that contains the application.
- Select the Enabled check box to enable the site when you save.
- Click Save.