Page created: 26 May 2021
|
Page updated: 18 May 2022
Define a PingCentral-specific OAuth client. These steps explain how to configure PingFederate as the OpenID provider. See Configuring OAuth clients in the PingFederate Server guide for additional information.
- In PingFederate, go to .
- In the Client ID field, enter a unique identifier the client provides to the resource server (RS) to identify itself. This identifier is included with every request the client makes.
- In the Name field, enter a descriptive name for the client instance. This name appears when the user is prompted for authorization.
- In the Client Authentication field, select Client Secret, and manually enter a secret or click Generate Secret to have one created for you. You will also use this secret when you configure SSO for PingCentral. See Configuring SSO for PingCentral for details.
- In the Redirection URIs field, enter this URI: https://<pc-host>:<pc-port>/login/oauth2/code/pingcentral.
- Locate the Allowed Grant Types field and select Authorization Code.
- Optional: If you want API access with bearer tokens,
locate the field and select the Resource Owner Password
Credentials option.Note: PingCentral doesn't support ID token encryption.
- In the OpenID Connect field, select the ID Token Signing Algorithm, and then RSA using SHA-256 from the list.
- Click Save.