The PingOne admin console simplifies environment organization and provides access to admin consoles for all Ping products and services.
From the main administrator console you have one-click access to:
- Documentation, the API, code examples, data sheets, and videos for each product and service
- Interactive wizards that make it easy to build custom solutions and configure the Ping platform for any cloud environment scenario
To access the admin console for your organization, sign on to your account from either pingidentity.com or support.pingidentity.com and complete a few simple steps. Learn more in Accessing the PingOne admin console.
Environments page
The Environments page lists the environments to which you have access. If you have the Organization Admin role, you'll see all of the environments in your organization.
Access the Environments page by clicking the Ping Identity logo on the sidebar or the Home icon at the top of the console.
Most organizations include an Administrators environment for keeping your administrator users separate from your end users. This environment is pinned to the top of the list.
Some older organizations might not have an Administrators environment by default, or the Administrators environment might be called something else. Whether or not you have an Administrators environment, you should manage all administrators in their own environment to separate them from end users and improve the security posture of your organization.
Use a combination of the search box and the sorting options to locate the environment you want quickly.
The Administrators environment stays at the top of the list, regardless of the sort order you choose. However, if you enter search criteria that does not match the Administrators environment, it is not displayed in the search results.
Click an environment in the list to open the details pane.
To access the dashboard for a particular service or connected product in the environment, click the service or product name under Services or Connected Services.
If a connected product or service is not configured, it is grayed out and a tooltip indicates that it requires configuration.
Click Manage Environment to go to the Overview page for the environment, which includes:
- A list of the products and services included in the environment.
- A graph showing the activity that has occurred within the environment (if the environment contains PingOne services).
- Links to documentation, APIs, and code examples for each product and service in the environment.
The menu options in the sidebar vary depending on which products and services are included in the environment.
In the following example, you see all of the services and most of the top-level menus.
Source environments
In PingOne, every identity resides in a single source environment, the environment where the identity exists or was created. For example, if you create an identity in the Administrators environment, then the Administrators environment is that identity’s source environment.
For most cases, you should create all administrator identities in the Administrators environment to make it easier to manage them and to help prevent privilege escalation.
Identities don't have to reside in the same environments that they have access to, and you can manage these identities best from one Administrators environment.
End users and customers should reside in a separate environment from your administrator identities.
In some scenarios, you might not have admin access to your identity’s source environment (where your identity resides). In this case, your source environment is different from the environment that you can work in, but you only authenticate to your source environment.
Administrators of admin identities, for example, are the only users who have access to their identity’s source environment to manage other admins and their roles. Other types of admins do not have access to their source environment.
Different admins could have different roles that determine what that identity has access to and where. A role has two components:
- A set of permissions
- The level for those permissions, such as environment, population, or organization
The level at which a role is assigned determines the environments your role has access to in the admin console while permissions determine what actions you can take. PingOne includes various roles with different applicable levels for each role. Learn more in Roles.
As a PingOne administrator, you can have multiple administrator identities across multiple environments in a single organization, across different organizations, or a combination of both.
For some complex use cases, you might need multiple administrator identities to configure multiple organizations. An example use case is a contractor working with more than one company to configure environments. In this scenario, the contractor would need an administrator identity in each company’s organization.
You cannot have multiples of the same identity in a single environment. For these complex use cases, those identities must be created in multiple environments.
If you have multiple administrator identities associated with the same email address, you can select which organization you want to authenticate to after signing on. You’ll need to choose the identity with the right permissions based on what actions you intend to take.
More information
Learn more about the PingOne APIs in the PingOne Platform API Reference.
Learn more about configuring applications in Editing an application.
Learn more about authorization flows in Authorization flow by grant type, OpenID Connect/OAuth 2, and Flows.