Example: Set up the PingAuthorize Policy Editor in OIDC mode (PingFederate) - PingAuthorize

Page created: 9 Feb 2021 |

Page updated: 4 Aug 2021

| 1 min read

PingAuthorize 8.3 Product Installation User task Product documentation Content Type

Use this example as a reference to set up the PingAuthorize Policy Editor to handle sign-ons using a PingFederate OpenID Connect (OIDC) provider.

$ bin/setup oidc \
  --oidcHostname <ping-federate-hostname> \
  --oidcPort <ping-federate-port> \
  --clientId pingauthorizepolicyeditor \
  --generateSelfSignedCertificate \
  --decisionPointSharedSecret pingauthorize \
  --hostname <pap-hostname> \
  --port <pap-port> \
  --adminPort <admin-port> \
  --licenseKeyFile <path-to-license>

The Policy Editor uses the provided OIDC host name and OIDC to query the PingFederate server’s autodiscovery endpoint for the information it needs to make OIDC requests. The provided client ID represents the Policy Editor and must be configured in PingFederate. For more information about configuring PingFederate, see Configuring an Authentication Server for OpenID Connect single sign-on.