Creating an OIDC application in PingOne - PingFederate - PingOne MFA - PingOne - PingOne Services

Creating an OIDC application in PingOne - PingFederate - PingOne MFA - PingOne - PingOne Services - PingOne Cloud Platform

PingOne MFA Integration Kit

bundle

pingfederate-pingone-mfa-ik

ft:publication_title

PingOne MFA Integration Kit

Product_Version_ce

PingOne MFA

PingOne

PingOne Services

PingOne Cloud Platform

category

Administrator

Audience

ContentType

English

Integration

Language

Product

Productdocumentation

integrationdocx

p1cloudplatform

p1mfax

p1services

pingfederate

ContentType_ce

Integration

Product documentation

Create an application in PingOne to allow PingFederate to access PingOne authentication flows and policy decisions. This application represents the user-facing sign-on experience.

For information about application types, see Applications in the PingOne documentation.

On the PingOne MFA console, go to Applications > Applications and click the + icon.
Create the application profile by entering the following:

Application name

A unique identifier for the application.

Description (optional)

A brief characterization of the application.

Icon (optional)

A graphic representation of the application. Use a file up to 1MB in JPG, JPEG, GIF, or PNG format.
In the Application Type section, select OIDC, then click Save.
OIDC applications have the following abilities:
OIDC apps
- Authentication methods:
  
  SMS
  
  Email
  
  Third-party authentication apps
  
  Push notifications
- Device integrity checks to prevent users from pairing or authenticating with compromised devices.
- Client Initiated Backchannel Authentication (CIBA) support.
Click the Configuration tab, and in the General section, note the application credentials.

You'll use these in Configuring an adapter instance.
On the Configuration tab, click the Pencil icon and enter the following information:
1. In the Response Type section, select only Token and ID Token.
2. In the Grant Type section, select only Implicit.
3. Click Save.
Click the Resources tab, then click the Pencil icon and configure the following:
1. Select the check boxes next to the scopes that you want to use to add them to the Selected Scopes tab, then click Save.
  
  Scopes are not relevant for this integration.
Click the Attribute Mappings tab, then click the Pencil icon and configure the following:
1. Map user attributes to attributes in your application, then click Save.
If you created an OIDC application for mobile device or CIBA authentication, enter your Android and iOS configuration details:
1. Click the Authenticator tab, then click the Pencil icon.
2. Click Add for your mobile app type.
3. Enter your app details.
  For help, see the following sections of the Ping Identity GitHub site:
  - PingOne Mobile SDK - Android
  - PingOne Mobile SDK - iOS
4. Optional: Turn on the Device Integrity Check.
  
  For more information, see Authentication method management.
5. Click Save.
Go to Applications > Applications in PingOne and click the toggle to activate the application.