Ensure that you have:

  • A PingDirectory server that accepts LDAPS connections.

    This server will host the admin console that is being configured for SSO.

  • The host name and port for the PingDirectory server.
  • A PingOne account.

    For more information, see Getting started with PingOne SSO.

  • A PingOne environment that includes PingDirectory. Learn more in Adding an environment and Adding a service to an environment.
    Note:

    When creating a new environment for this purpose, select Customer solution for the environment type.

Tip:

You can use groups to organize user identities, as explained in Groups. You can also set access to applications, as explained in Application access control.

During this process, you'll:

  • Set up matching users between PingOne and the PingDirectory environments that allows the server's All Admin Users identity mapper to map the PingOne ID token to a Directory Server LDAP user.
  • Set up the OpenID Connect application in PingOne.
  • Configure the PingOne console and the PingDirectory server.