Step 2. Configure connection properties
In this step, you configure the kotlin-central-login-oidc sample to connect to the OAuth 2.0 application you created in PingFederate, using OIDC login.
-
In Android Studio, open the
sdk-sample-apps/android/kotlin-central-login-oidc
project you cloned in the previous step. -
In the Project pane, switch to the Android view.
Figure 1. Switching the project pane to Android view. -
In the Android view, navigate to app > kotlin+java > com.example.app, and open
Config.kt
. -
Edit the default values provided in the
PingConfig
class with the values from your PingFederate server:PingConfig
class default valuesdata class PingConfig( var discoveryEndpoint: String = "https://openam-sdks.forgeblocks.com/am/oauth2/realms/alpha/.well-known/openid-configuration", var oauthClientId: String = "AndroidTest", var oauthRedirectUri: String = "org.forgerock.demo:/oauth2redirect", var oauthSignOutRedirectUri: String = "", var cookieName: String = "5421aeddf91aa20", var oauthScope: String = "openid profile email address") )
kotlin- discoveryEndpoint
-
The
.well-known
endpoint of your PingFederate server.How do I form my PingFederate .well-known URL?
To form the
.well-known
endpoint for a PingFederate server:-
Log in to your PingFederate administration console.
-
Navigate to
. -
Make a note of the Base URL value.
For example,
https://pingfed.example.com
Do not use the admin console URL. -
Append
/.well-known/openid-configuration
after the base URL value to form the.well-known
endpoint of your server.For example,
https://pingfed.example.com/.well-known/openid-configuration
.The SDK reads the OAuth 2.0 paths it requires from this endpoint.
For example,
https://pingfed.example.com/.well-known/openid-configuration
-
- oauthClientId
-
The client ID from your OAuth 2.0 application in PingFederate.
For example,
sdkPublicClient
- oauthRedirectUri
-
The Redirect URIs as configured in the OAuth 2.0 client profile.
This value must exactly match a value configured in your OAuth 2.0 client.
For example,
org.forgerock.demo://oauth2redirect
- oauthSignOutRedirectUri
-
The Front-Channel Logout URIs as configured in the OAuth 2.0 client profile.
This value must exactly match a value configured in your OAuth 2.0 client.
For example,
org.forgerock.demo://oauth2redirect
- cookieName
-
Set this property to an empty string. PingFederate servers do not require this setting.
- oauthScope
-
The scopes you added to your OAuth 2.0 application in PingFederate.
For example,
openid profile email phone
The result resembles the following:
PingConfig
class example valuesdata class PingConfig( var discoveryEndpoint: String = "https://pingfed.example.com/.well-known/openid-configuration", var oauthClientId: String = "sdkPublicClient", var oauthRedirectUri: String = "org.forgerock.demo://oauth2redirect", var oauthSignOutRedirectUri: String = "org.forgerock.demo://oauth2redirect", var cookieName: String = "", var oauthScope: String = "openid profile email phone" )
kotlin -
Save your changes.