Create a worker application if you need to enable API actions, such as provisioning users or automatic device enrollment. A worker application is essentially client credentials in a service application. A worker application is an administrator application that can have the same roles as human administrators.
PingOne MFA can integrate with third-party identity providers. The PingOne console has a built-in wizard for configuring a PingFederate connection. A PingFederate connection in PingOne MFA is actually a worker app, with a specific configuration. The wizard for creating a new PingFederate connection is an abridged worker app creation flow.
- This step is optional and only needed if you need to enable API actions, such as provisioning users or automatic device enrollment.
- If you plan to work solely from the admin console, you can skip this step.
- Organizations using PingFederate as an IdP should skip this step and implement the configuration described in Integration with PingFederate.
- For implementations using another third-party IDP, create a regular worker application with a link to actual location.
- To create a worker app, see Applications and Adding an application.
If you're going to make API calls, generate an access token from your worker
The access token is valid for one hour.Note:
An access token is an object encapsulating the security identity of a process or thread. It is used for making security decisions and to store tamper-proof information about a particular system entity. An access token contains the security credentials for a login session and identifies the user, the user's privileges, and in some cases, a particular application.
- In PingOne, generate an access token for the worker application. For information, see Getting an access token.
- Application developers can get an access token from the worker
application, by using the following
See POST: GET a Worker Application Access Token in the API reference for details.