---
title: Step 3. Configure connection properties
description: Prepare
component: sdks
version: latest
page_id: sdks:oidc:tutorials/javascript/pingfed/03_configuring-sample-for-pingone-js
canonical_url: https://docs.pingidentity.com/sdks/latest/oidc/tutorials/javascript/pingfed/03_configuring-sample-for-pingone-js.html
revdate: Thu, 24 Apr 2025 14:44:20 +0100
keywords: ["OAuth 2.0", "OpenID Connect", "Tutorial", "Source Code", "Integration", "SDK", "JavaScript"]
---

# Step 3. Configure connection properties

* [Prepare](00_before-you-begin.html)

* [Download](01_downloading-forgerocksdk-core-project-js.html)

* [Install](02_configuring-forgerocksdk-core-project-js.html)

* **Configure**

* [Run](04_running-sample-pingone-js.html)

***

In this step, you configure the sample app to connect to the OAuth 2.0 application you created in PingFederate.

1. In the IDE of your choice, open the `sdk-sample-apps` folder you cloned in the previous step.

2. Open the `/javascript/central-login-oidc/src/main.js` file.

3. Locate the `Config.setAsync()` method and update the properties to match your PingFederate environment:

   ```javascript
   await Config.setAsync({
     clientId: process.env.WEB_OAUTH_CLIENT, // e.g. 'ForgeRockSDKClient' or PingOne Services Client GUID
     redirectUri: `${window.location.origin}`, // Redirect back to your app, e.g. 'https://localhost:8443' or the domain your app is served.
     scope: process.env.SCOPE, // e.g. 'openid profile email address phone revoke' When using PingOne services revoke scope is required
     serverConfig: {
       wellknown: process.env.WELL_KNOWN,
       timeout: process.env.TIMEOUT, // Any value between 3000 to 5000 is good, this impacts the redirect time to login. Change that according to your needs.
     },
   });
   ```

   Replace the following strings with the values you obtained when you registered an OAuth 2.0 application in PingFederate:

   * *process.env.WEB\_OAUTH\_CLIENT*

     The client ID from your OAuth 2.0 application in PingFederate.

     For example, `sdkPublicClient`

   * *process.env.SCOPE*

     The scopes you added to your OAuth 2.0 application in PingFederate.

     For example, `openid profile email phone`

   * *process.env.WELL\_KNOWN*

     The `.well-known` endpoint from your OAuth 2.0 application in PingFederate.

     > **Collapse: How do I form my PingFederate .well-known URL?**
     >
     > To form the `.well-known` endpoint for a PingFederate server:
     >
     > 1. Log in to your PingFederate administration console.
     >
     > 2. Navigate to **System** [icon: angle-right, set=fa] **Server** [icon: angle-right, set=fa] **Protocol Settings**.
     >
     > 3. Make a note of the **Base URL** value.
     >
     >    For example, `https://pingfed.example.com`
     >
     >    |   |                                   |
     >    | - | --------------------------------- |
     >    |   | Do not use the admin console URL. |
     >
     > 4. Append `/.well-known/openid-configuration` after the base URL value to form the `.well-known` endpoint of your server.
     >
     >    For example, `https://pingfed.example.com/.well-known/openid-configuration`.
     >
     >    The SDK reads the OAuth 2.0 paths it requires from this endpoint.

     For example, `https://pingfed.example.com/.well-known/openid-configuration`

   * *process.env.TIMEOUT*

     Enter how many milliseconds to wait before timing out the OAuth 2.0 flow.

     For example, `3000`

   The result resembles the following:

   ```javascript
   await Config.setAsync({
     clientId: "sdkPublicClient",
     redirectUri: `${window.location.origin}`,
     scope: "openid profile email phone",
     serverConfig: {
       wellknown: "https://auth.pingone.com/3072206d-c6ce-ch15-m0nd-f87e972c7cc3/as/.well-known/openid-configuration",
       timeout: 3000
     },
   });
   ```