1. Sign on to PingFederate and go to Authentication > Authorization > IdP Connections. Click Create Connection.
  2. On the Connection Type tab, select the Browser SSO check box, and in the Protocol list, select SAML 2.0. Click Next.
    Screen capture of the Connection Type tab with the Browser SSO Profiles check box selected and the SAML 2.0 option checked from the Protocol list.
  3. On the Connection Options tab, select the Browser SSO check box. Click Next.
  4. On the General Info tab, in the Issuer field, enter https://api.login.yahoo.com.
  5. In the Client ID and Client Secret fields, enter the values copied earlier from your Yahoo OIDC app.
  6. Click Load Metadata. Click Next.
    Screen capture of the General Info tab, showing the completed Issuer, Client ID, and Client Secret fields.
  7. On the Extended Properties tab, click Next.
  8. On the Browser SSO tab, click Configure Browser SSO.
  9. On the User Session Creation tab, click Configure User-Session Creation.
  10. On the Identity Mapping tab, select Account Mapping. Click Next.
  11. On the Attribute Contract tab, leave the default values selected. Click Next.
    Screen capture of the Attribute Contract tab, showing the default values listed.
  12. On the Target Session Mapping tab, click Map New Adapter Instance.
  13. On the Adapter Instance tab, in the Adapter Instance list, select Open Token adapter. Click Next.
    Screen capture of the Adapter Instance tab, showing the Adapter Instance list expanded.
  14. On the Attribute Data Store tab, leave the default values selected. Click Next.
    Screen capture of the Adapter Data Store tab showing the default values listed.
  15. On the Adapter Contract Fulfillment tab, map the values as follows. Click Next.
    Attribute Source Value

    givenName

    Provider Claims

    given_name

    mail

    Provider Claims

    email

    sn

    Provider Claims

    family_name

    subject

    Provider Claims

    sub
    Screen capture of the Adapter Contract Fulfillment tab showing the specified settings.
  16. On the Issuance Criteria tab, click Next.
  17. On the Summary tab, review your entries and click Done.
  18. On the User Session Creation tab, click Next.
  19. On the Protocol Settings tab, click Configure Protocol Settings.
  20. On the OpenID Provider Info tab, review the information and click Next.
    Screen capture of the OpenID Provider Info tab.
  21. On the Overrides tab, enter a Default Target URL. Click Next.
  22. On the Summary tab, review your entries and click Done.
  23. On the Protocol Settings tab, click Next.
  24. On the Summary tab, review your entries and click Done.
  25. On the Activation and Summary tab, click the toggle to activate the connection. Click Save.