PingAuthorize

Configuring PingOne for PingAuthorize policy administration

About this task

Configure PingOne to authorize external access to the Policy Editor.

Steps

  1. Sign on to PingOne and click your environment.

    Choose from:

    • If you have an account, go to the URL for your environment. Each environment has a unique URL for signing on that follows the https://console.pingone.com/?env=<environmentID> format.

    • If you don’t already have a PingOne account, create one at Try Ping.

  2. To create an application in PingOne to represent the Policy Editor, go to Connections > Applications and click the icon.

  3. Enter a name for the application, such as PingAuthorize Policy Editor.

  4. (Optional) Enter a description and add an icon.

  5. Click OIDC Web App, and then click Save.

  6. On the Configuration tab, click the Pencil icon to edit the settings.

  7. In the PKCE Enforcement list in the Grant Type section, select S256_REQUIRED.

  8. In the Redirect URIs field, enter a redirect URL that follows the format https://<pap.hostname:port>/idp-callback.

  9. In the Token Endpoint Authentication Method section, click None.

  10. Click Save.

  11. On the Resources tab, click the Pencil icon to edit the settings.

  12. In the Scopes list, click the icon to add the email and profile scopes to the Allowed Scopes list.

  13. Click Save.

  14. Click the toggle to enable the application.

    Screen capture of the toggle to enable the Policy Editor application

  15. Copy the following IDs:

    • Client ID: To find the client ID, go to the application’s Profile tab.

    • Environment ID: To find the environment ID, click Environment in the left navigation pane.

      You’ll need the client ID and the environment ID to configure the Policy Editor to use PingOne.