Skip to main content

Configure Ping Identity OpenId Connect (OIDC)

To configure user authentication with Ping Identity using OpenID Connect (OIDC), follow the steps below:

As an additional reference, see Adding an application in the Ping Identity documentation.

  1. Navigate to the Ping Identity console and log in as an administrator.

  2. In the navigation bar, select Applications. On the Applications page, create a new application.

  3. Enter a Name for the application (for example, "Tonkean"), and for Application Type, select OIDC Web App, then select Save.

  4. Select the application Configuration tab, enter Edit mode, and configure the application fields as detailed below, then select Save:

    • Response Type: Code

    • Grant Type: Authorization Code

    • Redirect URIs: <appUrl>/oauth.html

      For multi-tenant Tonkean instances in the US region, enter https://tracks.tonkean.com/oauth.html

    • Token Endpoint Authentication Method: Client Secret Post

  5. On the application Resources tab, enter Edit mode, and select the following scopes, then select Save:

    • email

    • openid

    • profile

  6. On the application Attribute Mappings tab, enter Edit mode, and map the following attributes as detailed below, then select Save:

    • sub: User ID

    • emailVerified: Email Verified

      You may need to add this attribute.

  7. On the application Overview tab, copy and save the following URLs in a separate location (you will need these to configure authentication on the Tonkean side):

    • Client ID

    • Client Secret

    • Authorization URL

Set Ping Identity as Your Preferred Authentication Method

  1. Open a separate browser tab or window and there, navigate to Tonkean.

  2. In Tonkean, select your profile icon in the upper right.

    select_profile_icon.png

  3. Select the <Enterprise Name> Administration in the dropdown. The Enterprise Administration screen displays.

    enterprise_administration_select.png

  4. Locate the Preferred authentication method section and select No restrictions.

    ent_admin_no_restrictions_select.png

  5. Select Authenticate with, then select Ping Identity from the dropdown. Ping Identity authentication fields display.

    preferred_auth_method_ping_id_select.png

  6. Enter the following values saved from Ping Identity:

    • Authorization URL

    • Client ID

    • Client Secret

    ping_id_client_creds_urls.png

  7. When finished, select Save. The Ping Identity authentication fields close.

Setup for Ping Identity using OpenId Connect is complete.

In this section: