Managing applications - PingCentral - 2.0


PingCentral 2.0

All PingCentral applications and applications in verified PingAccess and PingFederate environments display on the Applications page, where you can filter the list of applications, add new applications, update existing applications, and delete them from PingCentral when they are no longer needed.


If an environment is offline or if a PingCentral administrator has set the environment status to Disabled, application owners will be unable to update or delete applications for a disabled or offline environment.

Filtering applications

Use the filters at the top of the page to filter your list of applications, or use the search feature to locate specific applications.

  1. Select your filters. You can filter by:
    • Environment
    • Template
    • Application owner, or groups of application owners
    • Integration type (OAuth and OIDC or SAML)
    • Managed (applications created from or promoted to PingCentral environments), and Unmanaged (applications that reside in verified PingAccess or PingFederate environments.)
    • Outdated templates
      A screen capture of the Applications page that displays several of the filters available to filter the application list.
  2. Click the filters to remove them.
  3. If you know the name of an application, further refine your search by entering the first few letters of application's name.

Adding applications

There are a variety of ways you can add applications to PingCentral. You can apply templates to them, you can create templates from them, or you can add them directly to PingCentral.

  1. To apply an OAuth, OIDC, SAML, or PingAccess template to an application:
    1. Click Add Application.
    2. On the Select Template page, select the appropriate template and follow the wizard prompts.

      See Selecting a template in the PingCentral for Application Owners guide for additional information.

  2. To create a template from an unmanaged application:
    1. Select the expandable icon associated with the application.
    2. Click Add as Template and follow the wizard prompts.

      The template displays in the list of available templates.

  3. To add a PingFederate or PingAccess application directly to PingCentral:
    1. Use the search and filtering features to locate applications.

      For more information, see Filtering applications

    2. Select the expandable icon associated with the application.
    3. Click Add to PingCentral as shown in the following example, name the application, assign owners, and save it.
      This example shows a selected PingFederate application that displays the Add to PingCentral button.

Updating applications

Update your applications at any time.

To keep your applications secure, rotate certificates and client secrets on a regular basis and apply updated security configurations to applications built from templates when new configuration templates become available.

You don't need to recreate your applications in PingCentral to apply new templates. Replace the templates associated with your applications and promote them again.

  1. On the Applications page, click the Expand icon associated with the application you want to update.
  2. Optional: On the Connection tab, if you modified the application configuration externally, click the Sync button to initiate an application synchronization.

    Depending on your application type, the Connection tab might be labeled Client or Application.


    If you created the application from a template, it cannot be synchronized with PingCentral. Only applications added directly to PingCentral can undergo synchronization.

    PingCentral retrieves the latest JSON data from the original environment and updates the application.


    Syncing an application cancels all pending approvals for that application.

  3. Click the Pencil icon.

    All of the editable information is on one page.


    Update the name, description, or owner information.

    To update the application name, description, and owner, change the information in the Name, Description, or Owners fields.

    Update or change the template.

    If an application is based on an outdated template, an Outdated Template icon displays next to it. To update the application to the latest version of the template, click the pencil icon, click Update Template. Configurations in the new template will override those specified in the previous template.

    To update or change the template used to create the application, click the pencil icon, click Change Template, and select a new template from the Select Template page.


    You cannot apply different template types to applications. For example, you cannot apply SAML template to an OAuth or OIDC application or apply an OAuth or OIDC template to a PingAccess application.

    Update OAuth or OIDC application information.

    To update the application:

    • In the Client section, change the scopes associated with OAuth or OIDC applications. Select or clear the appropriate check boxes.


      You cannot edit scopes for applications created in PingCentral 1.2.0. However, you can change the template associated with an application to a template created in a later version, which allows you to update scope information.

    • In the Promote section, change the information in the Redirect URI fields for the appropriate environments.
    • To change client secrets, return to the Applications page, promote the application again, and generate a new secret.

    Update SAML SP application information.

    To update the application:

    • In the Attribute Mappings section, add or remove attributes and expressions or update attribute and expression values.
    • If attribute sources are defined in the underlying connection, select the - Data Store - identity attribute option and the applicable data store values.
    • In the Promotions section, upload a new .xml file that contains service provider (SP) metadata, such as the entity ID, ACS URL, certificates, and attribute information, from another SAML application. Click Choose File or Or Use URL to provide the metadata file.

      If you're providing a new metadata file, you might also need to update the attribute mapping section to include new attributes from the metadata file.

    • Change the information in the Entity ID or ACS URL fields.
    • To change the signing certificate, select the appropriate certificate in the Signing Certificate list.
    • To change the SP certificate, click SP Certificate to upload a new certificate, or click Remove to remove it.

      If a certificate is added to a SAML application and a SAML metadata file is subsequently provided that contains a certificate, additional changes to the application cannot be saved. If this occurs, exit the edit page and reopen it.

    Update PingAccess application information.

    To update the application:

    • On the Properties tab, in the Promote section, update the Virtual Hosts, Access Validation, Identity Mapping, and Site or Agent names, as appropriate.
    • On the Resources tab, update information regarding each resource.
    • On the Policy tab, click the Pencil icon associated with the policy you want to update.
  4. Click Save.

Deleting applications

You can delete applications within PingCentral, or choose to delete the application from all environments.

  1. To delete an application, click the associated Delete icon.
    A message displays asking you if you want to delete the application from PingCentral only or from all environments.
  2. Select which environments to delete the application from.
    • To delete an application from PingCentral only, click the Delete button.
    • To delete an application from all environments, depending on the application type, select the Delete from PingFederate in all environments or Delete from PingAccess in all environments check box and click the Delete button.