To keep your applications secure, rotate certificates and client secrets on a regular basis and apply updated security configurations to applications built from templates when new configuration templates become available.

You don't need to recreate your applications in PingCentral to apply new templates. Replace the templates associated with your applications and promote them again.

  1. On the Applications page, click the Expand icon associated with the application you want to update.
  2. Optional: On the Connection tab, if you modified the application configuration externally, click the Sync button to initiate an application synchronization.
    Note:

    Depending on your application type, the Connection tab might be labeled Client or Application.

    Important:

    If you created the application from a template, it cannot be synchronized with PingCentral. Only applications added directly to PingCentral can undergo synchronization.

    PingCentral retrieves the latest JSON data from the original environment and updates the application.

    Important:

    Syncing an application cancels all pending approvals for that application.

  3. Click the Pencil icon.

    All of the editable information is on one page.

    OptionSteps

    Update the name, description, or owner information.

    To update the application name, description, and owner, change the information in the Name, Description, or Owners fields.

    Update or change the template.

    To change the template used to create the application, click the pencil icon, click Change Template, and select a new template from the Select Template page.

    If an application is based on an outdated template, an Outdated Template icon displays next to it. To update the application to the latest version of the template, click the pencil icon, click Update Template. Configurations in the new template will override those specified in the previous template.
    Note:

    You cannot apply different template types to applications. For example, you cannot apply SAML template to an OAuth or OIDC application or apply an OAuth or OIDC template to a PingAccess application.

    Update OAuth or OIDC application information.

    To update the application:

    • In the Client section, change the scopes associated with OAuth or OIDC applications. Select or clear the appropriate check boxes.

      Note:

      You cannot edit scopes for applications created in PingCentral 1.2.0. However, you can change the template associated with an application to a template created in a later version, which allows you to update scope information.

    • In the Promote section, change the information in the Redirect URI fields for the appropriate environments.
    • To change client secrets, return to the Applications page, promote the application again, and generate a new secret.

    Update SAML SP application information.

    To update the application:

    • In the Attribute Mappings section, add or remove attributes and expressions or update attribute and expression values.
    • If attribute sources are defined in the underlying connection, select the - Data Store - identity attribute option and the applicable data store values.
    • In the Promotions section, upload a new .xml file that contains service provider (SP) metadata, such as the entity ID, ACS URL, certificates, and attribute information, from another SAML application. Click Choose File or Or Use URL to provide the metadata file.
      Note:

      If you're providing a new metadata file, you might also need to update the attribute mapping section to include new attributes from the metadata file.

    • Change the information in the Entity ID or ACS URL fields.
    • To change the signing certificate, select the appropriate certificate in the Signing Certificate list.
    • To change the SP certificate, click SP Certificate to upload a new certificate, or click Remove to remove it.
      Note:

      If a certificate is added to a SAML application and a SAML metadata file is subsequently provided that contains a certificate, additional changes to the application cannot be saved. If this occurs, exit the edit page and reopen it.

    Update PingAccess application information.

    To update the application:

    • On the Properties tab, in the Promote section, update the Virtual Hosts, Access Validation, Identity Mapping, and Site or Agent names, as appropriate.
    • On the Resources tab, update information regarding each resource.
    • On the Policy tab, click the Pencil icon associated with the policy you want to update.
  4. Click Save.