Prepare to provide the following:

  • Name of the application.
  • A brief, accurate description of your application.
  • Redirect URI, if required. This is the URI your users will be directed to after they receive authorization to access your application. Redirect URIs are only required when promoting applications that use an authorization code and implicit grant types.
  • Scopes, which are optional and can be customized to meet your needs. See Scopes and scope management in the PingFederate documentation for additional information.
  1. If you want to add scopes to the applications, begin typing the name of the scope you want to add and select it from the list when it displays.

    The names of scopes added to applications cannot contain spaces, nor can the Scopes field contain spaces before or after the scope name. If spaces exist, applications cannot be successfully promoted.

    When this application is later promoted, the target PingFederate scope management configuration is referenced to satisfy the scope requirements of the client. Any named scope identified as a common scope in the target environment is configured within the client as a restricted scope. If the named scope does not exist in the target environment, the scope is created as an exclusive scope. In that case, or if the scope already exists as an exclusive scope, then the scope is associated with the client as an exclusive scope.

  2. Click Next.
  3. On the Describe Application page, enter the name of your application and a description of the application in the Name and Description fields.
    You are adding this application to PingCentral, so your name will automatically populate the Owners field.
  4. Optional: To add owners, select additional owners from the Owners list. If the name you are looking for does not display in the list, contact your PingCentral administrator and request that the person be provisioned.
    This example shows the Describe Application page, which contains the Name, Description, and Owners fields
  5. Click Save and Close.
    The application appears at the top of the list of applications on the Applications page.
  6. To promote the application to an environment, click the expandable icon associated with the application, select the Promote tab, and click Promote.
  7. Select the environment to which you want to promote the application from the Available Environments list.

    If you have the Application Owner role, you cannot promote applications to protected environments, which have shield icons associated with them.

  8. If redirect URIs are required to promote the application, enter them in the Redirect URIs field.
  9. If a client secret is required to authenticate your application, you can:
    • Create a custom secret and enter it in the Client Secret text box.
    • Generate a client secret by clicking the Generate Secret button.
    • Leave the Client Secret text box empty and PingCentral will automatically generate a client secret for you.
      This example shows you the Promote to Environment dialog, which contains the Redirect URIs and Client Secret fields.
  10. Click Promote.
    PingCentral promotes your application to the designated environment in PingFederate. You will see the new promotion in the History section of the page.
  11. To configure the SSO connection, provide the following information to your service provider:
    • The client ID. Click View Client Details to access the Promotion Details window, which displays the client ID.
    • The client secret and OIDC discovery endpoint, which are available in this window.
      This example shows the Promotion Details page, which contains information regarding the promotion, such as the Client ID and OIDC discovery endpoint.