To set up single sign-on (SSO) access from the admin console to PingDirectory, configure PingOne, configure PingDirectory, and then test the sign-on experience.
Ensure that you have:
- A PingDirectory server that accepts LDAPS connections.
This server will host the admin console that is being configured for SSO.
- The host name and port for the PingDirectory server.
- A PingOne account.
For more information, see Getting started with PingOne SSO.
- A PingOne environment that includes PingDirectory. Learn more in Adding an environment and Adding a service to an environment.Note:
When creating a new environment for this purpose, select Customer solution for the environment type.
Tip:
You can use groups to organize user identities, as explained in Groups. You can also set access to applications, as explained in Application access control.
During this process, you'll:
- Set up matching users between PingOne and the PingDirectory environments that allows the server's
All Admin Users
identity mapper to map the PingOne ID token to a Directory Server LDAP user. - Set up the OpenID Connect (OIDC) application in PingOne.
- Configure the PingOne console and the PingDirectory server.