Note:

You must run setup in noninteractive, command-line mode instead of interactive mode if you need to do any of the following:

  • Configure the Policy Administration GUI with a policy configuration key.
  • Configure a key store for a policy information provider.
  • Configure a trust store for a policy information provider.
  • Customize the Policy Administration GUI’s logging behavior.

For more information, see Specifying custom configuration with an options file.

  1. Before you run setup, you must choose one of the two following authentication modes for the PingDataGovernance Policy Administration GUI:
    • Demo mode

      Configures the PingDataGovernance Policy Administration GUI to use form-based authentication with a fixed set of credentials. Unlike OIDC mode, this mode does not require an external authentication server. However, it is inherently insecure and is recommended only for demonstration purposes.

    • OpenID Connect (OIDC) mode

      Configures the PingDataGovernance Policy Administration GUI to delegate authentication and sign-on services to an OpenID Connect provider, such as PingFederate.

  2. Optional: If you choose OIDC mode, be prepared to provide the following additional information:
    • The host name and port of an OpenID Connect provider or its base URL

    • The location of a trust store for the OpenID Connect provider, if the OpenID Connect provider uses a server certificate not issued by a certificate authority not trusted by the JRE

  3. Optional: If you do not use the setup tool to generate a self-signed certificate, you must also provide the following:
    • Information related to the PingDataGovernance Policy Administration GUI’s connection security, including the location of a keystore that contains the server certificate and the nickname of that server certificate.

    Note:

    The setup tool’s --help option displays the options available for a noninteractive installation.

  4. Run the correct command based on your needs:
    Note:

    If you do not want to use the default database credentials, see Setting database credentials at initial setup.

    • To see the general options for running setup:
      $ bin/setup --help
    • To see the options for running setup in demo mode:
      $ bin/setup demo --help
    • To see the options for running setup in OIDC mode:
      $ bin/setup oidc --help
  5. Copy and record any generated values needed to configure external servers.

    The Shared Secret is used in PingDataGovernance, under External Servers > Policy External Server > Shared Secret.

  6. To start the Policy Administration GUI, or policy administration point (PAP), run bin/start-server.

    The Policy Administration GUI runs in the background, so you can close the terminal window in which it was started without interrupting it.

  7. After you complete setup, see Post-setup steps (manual installation).
  8. Consider additional configuration options in Specifying custom configuration with an options file.