Post a credential from your PingOne environment to
the /pingone/connections
administrative API endpoint in PingAccess to establish a connection between PingAccess and PingOne Protect.
-
Configure PingOne Protect for connectivity with
PingAccess:
- In your PingOne administrative environment, go to Connections.
-
In the Ping Products section, click the PingFederate
connection.
Currently, you must use the PingFederate connection because PingAccess does not have one of its own.
- On the connection that you decide to use, click the Pencil icon.
-
On the Configuration tab, click
+Add next to
Credentials.
This copies a JSON Web Token (JWT) to your clipboard that contains information on your PingOne environment.
-
Configure PingAccess for connectivity with
PingOne Protect:
- Sign on to the local PingAccess system and start a non-Internet Explorer (IE) browser.
-
Sign on to the API doc page at
https://<host>:<admin-port>/pa-admin-api/v3/api-docs/.
https://localhost:9000/pa-admin-api/v3/api-docs/
Use the normal administrator username, Administrator, and your password.
-
Expand /pingone, then expand
POST
/pingone/connections
. -
Click Paste Model Template.
This button is located just underneath the PingOneConnection field.
- In the PingOneConnection field, paste the JWT that you copied to your clipboard in step 1d as the <credential> variable.
-
Fill out the rest of the PingOneConnection field
using the PingOneConnectionView operation model
in the API docs.
<credential>, <trustedCertificateGroupId>, and <name> must have valid responses before you can save the connection. If you don't specify an <id>, this value will be auto-generated when you save the connection.
- Click Try it out! to save the connection.
After you've created a connection, you can assign it to a specific risk policy through the
/riskPolicies
endpoint. For more information, see Creating a PingAccess risk policy.