1. Copy gapps-password-manager.war from the dist/gapps-password-manager directory to either:

    <pf_install>/pingfederate/server/default/deploy/

    Or:

    The application-deployment directory in a different Web-servlet container of your choice.

  2. In the directory gapps-password-manager.war/WEB-INF/classes, edit the file gapps-password-manager-config.props, to provide valid client id, client secret, and oauth tokens for Google Apps. Follow the instructions in Obtain an application name, client ID, and secret section of this guide to obtain the client id and secret. Refer to Generate authorized OAuth 2.0 tokens for instructions on obtaining the token values.
    Tip: You can use the obfuscate.bat|sh utility to mask the client secret, access token and refresh token value in the configuration file (recommended). The utility is located in the <pf-install>/pingfederate/bindirectory. Make sure to run the obfuscate utility with ā€˜-lā€™ flag. Example: obfuscate.[bat|sh] -l <Value to be obfuscated>

    As an option in this file, you may also change the default specifications (usable characters and length) for the randomly generated reset passwords that users will receive from the Password Manager.

  3. Copy the agent-config.txt file, which was exported during the SP adapter, configuration, into the same directory (see SP Adapter Setup):

    ../gapps-password-manager.war/WEB-INF/classes/

  4. Start or restart PingFederate, or the servlet container in which the Manager is installed.