Create an application in PingOne to allow PingFederate to access PingOne authentication flows and policy decisions. This application represents the user-facing sign-on experience.
For information about application types, see Applications in the PingOne documentation.
- On the PingOne MFA console, go to Applications > Applications and click the + icon.
-
Create the application profile by entering the following:
- Application name
- A unique identifier for the application.
- Description (optional)
- A brief characterization of the application.
- Icon (optional)
- A graphic representation of the application. Use a file up to 1MB in JPG, JPEG, GIF, or PNG format.
-
In the Application Type section, select
OIDC, then click Save.
OIDC applications have the following abilities:
- OIDC apps
-
- Authentication methods:
- SMS
- Third-party authentication apps
- Push notifications
- Device integrity checks to prevent users from pairing or authenticating with compromised devices.
- Client Initiated Backchannel Authentication (CIBA) support.
- Authentication methods:
-
Click the Configuration tab, and in the
General section, note the application
credentials.
You'll use these in Configuring an adapter instance.
-
On the Configuration tab, click the
Pencil icon and enter the following
information:
- In the Response Type section, select only Token and ID Token.
- In the Grant Type section, select only Implicit.
- Click Save.
-
Click the Resources tab, then click the
Pencil icon and configure the following:
-
Select the check boxes next to the scopes that you want to use to add
them to the Selected Scopes tab, then click
Save.
Scopes are not relevant for this integration.
-
Select the check boxes next to the scopes that you want to use to add
them to the Selected Scopes tab, then click
Save.
-
Click the Attribute Mappings tab, then click the
Pencil icon and configure the following:
- Map user attributes to attributes in your application, then click Save.
-
If you created an OIDC application for mobile device or CIBA authentication,
enter your Android and iOS configuration details:
- Click the Authenticator tab, then click the Pencil icon.
- Click Add for your mobile app type.
-
Enter your app details.
For help, see the following sections of the Ping Identity GitHub site:
- Optional:
Turn on the Device Integrity Check.
For more information, see Authentication method management.
- Click Save.
- Go to Applications > Applications in PingOne and click the toggle to activate the application.