Note: These steps are independent of the datastore, PCV, and provisioning components of the integration kit.
  1. Complete the steps in Create an OpenID Connect IdP connection in the PingFederate documentation with the following modifications:
  2. In the connection configuration, on the General Info screen, in the Issuer field, enter the following using the Client ID that you noted in Connecting PingFederate to PingOne. Click Load Metadata.<client_id>/as

    For example:

  3. In the Client ID and Client Secret fields, enter the values that you noted in Connecting PingFederate to PingOne.
  4. On the Browser SSO > Protocol Settings > OpenID Provider Info screen, in the Scopes field, type openid and any other OIDC scopes that you need. Separate scopes with a space.

    For more information about scopes, see Resource scopes in the PingOne documentation and READ All Scopes (Resource) in the PingOne API documentation.

    1. In the OpenID Connect Login Type list, select Code.
    2. In the Authentication Scheme list, select Basic.
    3. The Authorization Endpoint, Token Endpoint, User Info Endpoint, and JWKS URL fields are populated automatically from the Load Metadata action in step 2.