Creating a web application - PingOne Cloud Platform - PingOne

PingOne Cloud Platform

bundle
pingone
ft:publication_title
PingOne Cloud Platform
Product_Version_ce
PingOne Cloud Platform
PingOne
category
Administratorguide
ContentType
Guide
Product
Productdocumentation
p1
p1cloudplatform
ContentType_ce
Product documentation
Guide > Administrator Guide
Guide

A web application is a browser-based application with a server-side component, such as .NET web apps, JSP/Java, Node.js, or Ruby on Rails.

Web applications typically have functions similar to desktop applications. Web applications can use SAML or OIDC for authentication.

A web application includes the following configuration.

Create App Profile

The application name and description.

Configure

The application's redirect URL.

Grant Access

To your application (for your customers to trigger authentication requests).

Attribute Mapping

Map your PingOne user-defined attributes to the corresponding application attributes, for accessibility between users and your app.

Every user authentication event occurs in the context of a SAML or OIDC application. When you invoke MFA through an OIDC request, you'll need to provide a client ID, which is the ID of your web application.

A worker app is used to make backend calls. In contrast, a web app (or native app or SPA app) is required for invoking an authentication flow.

Creating a web application console

  1. In the PingOne admin console, go to Applications > Applications.
  2. Click +.
    The Add Application panel will pop up.
  3. Enter an appropriate Application Name and a Description.

    For example, the application name Getting Started Web OIDC App.

  4. In Choose Application Type, click OIDC Web App.
  5. Click Save.

    The details panel opens. Applications are granted OAuth scopes so that they can access PingOne platform resources.

  6. To configure the application URL, click the Configuration tab, then click the Pencil icon.
  7. In the Redirect URIs field, enter your application's redirect URL (for example, https://example.com).
  8. Click Save.
  9. To grant access to your application, click the Access tab and click the Pencil icon.
  10. Click + to select the groups.
  11. Click Save.
  12. Click the Resources tab, and click the Pencil icon.
  13. Enter profile in the Search Scopes field
    Note:

    This filters the list of resource types so that only the Open ID profile scope remains visible in the scopes selection list.

  14. On the Profile Scope, click the + icon or drag it out to the Allowed Scopes.
  15. Click Save.
  16. To map your PingOne user-defined attributes to your corresponding application attributes, click the Attribute Mappings tab, and click the Pencil icon.
  17. Click + Add and fill in the Attributes and corresponding PingOne Mappings fields.
  18. Click Save.
  19. At the top right of the web application's profile, click the toggle to enable it.
    Tip:

    For more information and additional configuration options, see Adding an application.

Configuring a sign-on policy

Creating a web application API alternative

Application developers can use the API operations to create a web application. Use the access token generated through the worker app.

Configuring a sign-on policy