Setting up SSO to PingDirectory - PingOne SSO - PingOne Cloud Platform - PingOne Services - PingOne

PingOne Cloud Platform

bundle
pingone
ft:publication_title
PingOne Cloud Platform
Product_Version_ce
PingOne Cloud Platform
PingOne
category
Administratorguide
ContentType
Guide
Product
Productdocumentation
p1
p1cloudplatform
ContentType_ce
Guide
Product documentation
Guide > Administrator Guide

To set up single sign-on (SSO) access from the admin console to PingDirectory, configure PingOne, configure PingDirectory, and then test the sign-on experience.

Ensure that you have:

  • A PingDirectory server that accepts LDAPS connections

    This server will host the admin console that is being configured for SSO.

  • The hostname and port for the PingDirectory server.
  • A PingOne account.

    For more information, see Getting started with PingOne SSO.

Tip:

You can use groups to organize user identities, as explained in Groups. You can also set access to applications, as explained in Application access control.

During this process, you will:

  • Set up matching users between PingOne and the PingDirectory environments that allows the server's All Admin Users identity mapper to map the PingOne ID token to a Directory Server LDAP user.
  • Set up the OpenID Connect (OIDC) application in PingOne.
  • Configure the PingOne console and the PingDirectory server.