Ping SDKs

Step 2. Configure connection properties

In this step, you configure the "FRExample" app to connect to the OAuth 2.0 application you created in PingOne, using OIDC login.

  1. In Xcode, on the File menu, click Open.

  2. Navigate to the sdk-sample-apps folder you cloned in the previous step, navigate to iOS > uikit-frexamples > FrExample > FrExample > FRExample.xcodeproj, and then click Open.

  3. In the Project Navigator pane, navigate to FRExample > FRExample, and open the ViewController file.

  4. In the ViewController file:

    1. Change the useDiscoveryURL variable to true:

      let useDiscoveryURL = true

      Changing the variable causes the sample to use the discover method to get many of the required configuration values from your PingOne OIDC .well-known endpoint.

    2. Replace CLIENT_ID_PLACEHOLDER with the ID of the OAuth 2.0 client application you created previously in PingOne:

      let config =
          ["forgerock_oauth_client_id": "6c7eb89a-66e9-ab12-cd34-eeaf795650b2",
           "forgerock_oauth_redirect_uri": "org.forgerock.demo://oauth2redirect",
           "forgerock_oauth_scope": "openid profile email address revoke",
           "forgerock_ssl_pinning_public_key_hashes": ["SSL_PINNING_HASH_PLACEHOLDER"]]

    3. Remove or comment out the forgerock_ssl_pinning_public_key_hashes line.

      For information on SSL pinning, refer to Enable SSL pinning.

    4. Replace DISCOVERY_URL_PLACEHOLDER with the .well-known endpoint from your OAuth 2.0 native mobile application in PingOne.

      How do I find my PingOne .well-known URL?

      To find the .well-known endpoint for an OAuth 2.0 client in PingOne:

      1. Log in to your PingOne administration console.

      2. Go to Applications > Applications, and then select the OAuth 2.0 client you created earlier.

        For example, sdkPublicClient.

      3. On the Configuration tab, expand the URLs section, and then copy the OIDC Discovery Endpoint value.

      For example:

      let discoveryURL = "https://auth.pingone.com/3072206d-c6ce-ch15-m0nd-f87e972c7cc3/as/.well-known/openid-configuration"

    5. Optionally, specify which of the configured policies PingOne uses to authenticate users.

      In the performCentralizedLogin function, add an acr_values parameter to the authorization request by using the setCustomParam() method:

      func performCentralizedLogin() {
          FRUser.browser()?
              .set(presentingViewController: self)
              .set(browserType: .authSession)
              // Add acr values to the authorization request
              .setCustomParam(key: "acr_values", value: "<Policy IDs>")
              .build().login { (user, error) in
                  self.displayLog("User: \(String(describing: user)) || Error: \(String(describing: error))")
          }
          return
      }

      Replace <Policy IDs> with either a single DaVinci policy, by using its flow policy ID, or one or more PingOne policies by specifying the policy names, separated by spaces or the encoded space character %20.

      Examples:

      DaVinci flow policy ID

      .setCustomParam(key: "acr_values", value: "d1210a6b0b2665dbaa5b652221badba2")

      PingOne policy names

      .setCustomParam(key: "acr_values", value: "Single_Factor%20Multi_Factor")

    For more information, refer to Editing an application - OIDC.
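
Because useDiscoveryURL makes the app take its endpoints from the .well-known document, it is worth checking that document against the URL you pasted. The following is an added example, not code from the sample app or the Ping SDK: it applies the OIDC Discovery rule that the issuer must equal the discovery URL without its well-known suffix, and requires HTTPS endpoints. The function and error names are hypothetical, and the JSON is constructed sample data built from the example URL above.

```swift
import Foundation

// Added example; the names below are hypothetical and not part of the Ping SDK.
enum DiscoveryError: Error {
    case badDiscoveryURL, notJSON
    case missingField(String)
    case issuerMismatch(expected: String, got: String)
    case notHTTPS(field: String)
}

let wellKnownSuffix = "/.well-known/openid-configuration"
/// Checks a discovery document against the URL it came from; returns the endpoints the app relies on.
func checkDiscovery(url discoveryURL: String, body: Data) throws -> [String: String] {
    guard discoveryURL.hasPrefix("https://"), discoveryURL.hasSuffix(wellKnownSuffix) else {
        throw DiscoveryError.badDiscoveryURL
    }
    // OIDC Discovery: the issuer must equal the discovery URL minus the well-known suffix.
    let expected = String(discoveryURL.dropLast(wellKnownSuffix.count))
    guard let json = (try? JSONSerialization.jsonObject(with: body)) as? [String: Any] else {
        throw DiscoveryError.notJSON
    }
    guard let issuer = json["issuer"] as? String else { throw DiscoveryError.missingField("issuer") }
    guard issuer == expected else { throw DiscoveryError.issuerMismatch(expected: expected, got: issuer) }
    var endpoints: [String: String] = [:]
    for field in ["authorization_endpoint", "token_endpoint", "jwks_uri"] {
        guard let value = json[field] as? String else { throw DiscoveryError.missingField(field) }
        guard URLComponents(string: value)?.scheme == "https" else {
            throw DiscoveryError.notHTTPS(field: field)
        }
        endpoints[field] = value
    }
    return endpoints
}

// Constructed sample data; the environment ID is the one in the example discovery URL above.
let base = "https://auth.pingone.com/3072206d-c6ce-ch15-m0nd-f87e972c7cc3/as"
let good = Data("""
{"issuer": "\(base)", "authorization_endpoint": "\(base)/authorize",
 "token_endpoint": "\(base)/token", "jwks_uri": "\(base)/jwks"}
""".utf8)
let wrongIssuer = Data(#"{"issuer": "https://auth.pingone.com/other-env/as"}"#.utf8)

for (label, body) in [("matching", good), ("mismatched", wrongIssuer)] {
    do {
        let endpoints = try checkDiscovery(url: base + wellKnownSuffix, body: body)
        print(label, "accepted:", endpoints.keys.sorted())
    } catch { print(label, "rejected:", error) }
}
```

A rejected document usually means the URL was copied from a different environment or application than the client ID in config.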

With the sample configured, you can proceed to Step 3. Test the app.