To set up single sign-on (SSO) access from the administrative console home page to PingDirectory, configure PingOne and test the sign-on experience.
Ensure that you have:
- A PingDirectory server that accepts LDAPS connections
  This server will host the admin console that is being configured for SSO.
- A PingOne account
  For more information, see Getting Started with PingOne.
Tip:
You can use groups to organize user identities, as explained in Groups. You can also set access to applications, as explained in Application access control.
During this setup:
- Step 2 sets up a matching user between the PingOne and PingDirectory environments that allows the server's All Admin Users identity mapper to map the PingOne ID token to a Directory Server LDAP user.
- Steps 3-8 set up the OpenID Connect (OIDC) client as described in Single sign-on with the PingDirectory Server administrative console.
- Steps 9-11 configure both the administrative console's configuration requirements (except for the ldap.server property) and the PingDirectory server's configuration requirements.
Note:
These configuration properties are outlined in more detail in Single sign-on with the PingDirectory Server administrative console.
To set up SSO to the PingDirectory administrative console from PingOne: