To define this endpoint, access the application.properties file, which resides in the conf folder in the PingCentral installation directory. Uncomment the following property and define the JWKS endpoint URI, as shown in this example:

pingcentral.sso.oidc.oauth-jwk-set-uri=https://sso.mycompany.com:9031/ext/oauth/pingcentral/jwks

While the subject (sub) claim is mandatory with OpenID Connect, it is not required when using OAuth 2.

With bearer tokens, PingCentral looks for the Username claim by default, but this also can be configured, as shown in this example:

pingcentral.sso.oidc.oauth-username-claim-name=UserId