Before testing your SSO configuration for PingCentral:

  • Configure SSO within PingCentral
  • Set up the resource server
  • Establish the required settings for the OpenID provider

For more information, see Setting up SSO for PingCentral.

  1. Go to your PingCentral console URL (for example:, and after redirection to PingFederate, sign on with your credentials.

    A Request for Approval window opens. The scopes listed in the window represent the permissions that PingCentral is requesting. These scopes determine what information PingCentral can access and use.

  2. Select each check box to approve the scopes for the PingCentral client and click Allow.

    After testing is successful, you can set the approval window to Bypass in the OAuth client settings.

    Screen capture of the Request for Approval window with the pingcentral_client requesting permissions for three checked check boxes, Default, OpenID Connect Login, and Profile Access.
  • If you test as an IAM administrator group member in PingCentral, you can access Applications, Environments, Templates, Users, and Management.
  • As an application owner group member, you can access Applications and Management.
  • If you tested as a user in neither group, an error message displays.