PingOne

Adding an identity provider - PayPal

Adding PayPal as an external IDP gives your users the option to sign on with PayPal when accessing your application.

Before you begin

Ensure that you have:

Registering your application with PayPal

Create your application with PayPal, and then copy the client ID and client secret.

Before you begin

Ensure that you have a PayPal account with an active subscription.

Steps

  1. Go to PayPal for Developers and sign on to your account.

    If you don’t have a PayPal account, you can create one now.

  2. In the My apps and credentials section, click Sandbox.

  3. In the Rest API apps section, click Create app.

  4. In the Application details field, enter a name for the application, and then click Create app.

  5. In the Sandbox API credentials section, copy the Client ID to a secure location.

  6. In the Secret section, click Show.

  7. Copy the client secret to a secure location.

  8. In the App feature options section, select Connect with PayPal.

    You can clear the other options, unless your organization has a specific need for them.

  9. Click Save.

Configuring scopes and options

On the PayPal for Developers site, configure the options for scope attributes, permissions, and customer consent.

Steps

  1. Go to PayPal for Developers.

  2. In the Rest API apps section, click your application name.

  3. In the Connect with PayPal section, click Advanced options.

  4. Select the following scope attributes:

    • Full name

    • Email

    • Street address

    • City

    • State

    • Country

    • Postal code

    • Account verification status

    • PayPal account ID

  5. Under Links shown on customer consent page, enter the following:

    • Privacy policy URL: (Optional). The location of your organization’s privacy policy.

    • User agreement URL: (Optional). The location of your organization’s user agreement.

  6. In the Additional PayPal permissions section, select Enable customers who have not yet confirmed their email with PayPal to log in to your app.

  7. Click Save.

Adding PayPal as an identity provider in PingOne

Configure the IdP connection in PingOne.

Steps

  1. In the PingOne admin console, go to Integrations > External IdPs and click .

  2. Click PayPal.

  3. Click Next.

  4. On the Add External Identity Provider page, enter the following information:

    • Name: A unique identifier for the IdP

    • Description (optional): A brief description of the IdP.

    • Population: A population that overrides the authentication policy’s registration population and enables just-in-time registration from the IdP.

      You can’t change the Icon and Sign-on Button in accordance with the provider’s brand standards.

  5. Click Next.

  6. Configure the connection and enter the following information:

    • Client ID: The application ID from the IdP that you copied earlier. You can find this information on the PayPal for Developers site.

    • Client secret: The application secret from the IdP that you copied earlier. You can find this information on the PayPal for Developers site.

    • Environment: The environment the configuration connects to. Click live or sandbox

    • Callback URL: Copy the Callback URL to a secure location. You’ll provide this value to the IdP later.

  7. Click Next.

  8. Define how the PingOne user attributes are mapped to identity provider attributes. Learn more in Mapping attributes.

    • Enter the PingOne user profile attribute and the external IdP attribute. Learn more about attribute syntax in Identity provider attributes.

    • To add an attribute, click Add.

    • To use the advanced expression builder, click the Gear icon. Learn more in Using the expression builder.

    • Select the update condition, which determines how PingOne updates its user directory with the values from the IdP. The options are:

      • Empty only: Update the PingOne attribute only if the existing attribute is empty.

      • Always: Always update the PingOne directory attribute.

  9. Click Save.

Registering the callback URL with PayPal

Copy the callback URL value from the PingOne admin console and enter it into the PayPal for Developers site.

Before you begin

Ensure that you have the callback URL from the PingOne admin console.

Steps

  1. In the PingOne admin console, go to Integrations > External IdPs and browse or search for the appropriate IdP.

  2. Click the IdP to open the details panel.

  3. Click the Connection tab.

  4. Copy the Callback URL and paste it in a secure location.

  5. Go to PayPal for Developers.

  6. In the Rest API apps section, click your application name.

  7. In the Sandbox app settings section, locate Return URL.

  8. Click Show.

  9. For Return URL, enter the callback URL value that you copied from the PingOne admin console.

  10. Click Save.

Next steps