Configuring Ping as Identity Provider

To configure Ping as the identity provider, you need to do the following:

1. Creating a Ping Application That Will Serve as Identity Provider: We register an application in Ping Identity to use the service as an external identity provider. 
2. Registering Our Ping Application in the IGEL Customer Portal: This will enable IGEL Cloud Services to use our Ping Application as the external identity provider.

Creating a Ping Application That Will Serve as Identity Provider

1. Log in to Ping with your admin account, and on the Connections > Applications page add a new application.
   
   
   
2. Edit the settings as follows and then click Next. 
   
   • Under Application Name, enter a name for your application, e.g. "OBS".
   • Set Application Type to OIDC Web Application.
     
     
     
3. Edit the settings under Edit Configuration as follows and then click Save.
   • Under Response Type, make sure Code is selected.
   • Make sure that as the Grant Type, the option Authorization Code is selected and that the Proof Key for Code Exchange (PKCE) Enforcement is set to S256_REQUIRED.
     
   • Under Redirect URIs, add "https://obs.services.igel.com/".
     
     
     
   • Under Token Endpoint Authentication Method make sure Client Secret Post is selected.
     
     
     
4. By default, access is granted for all users. To configure access, open the Edit Access page from the Access button and use group access by choosing an existing Group configured under Identities > Groups.
   

The app integration is created.

Registering Our Ping Application in the IGEL Customer Portal

1. Open the  IGEL Customer Portal  in your browser, log in to your admin account, and select Users > IGEL OS IdP.
   
   
   
2. Click Register IGEL OS IdP.
   
   
   
3. Enter a Display name. This is the name under which your identity provider app will be displayed.
   
   
   
4. Change to the tab with your Ping app, go to the Overview tab and copy the Client ID.
   
   
   
5. Change to the IGEL Customer Portal (IGEL OS Identity Provider (IdP) Registration) tab and paste the client ID into the field Client ID.
   
   
   
6. Change to the tab with your Ping app, go to the Overview tab and copy the Client Secret.
   
   
   
7. Change to the IGEL Customer Portal (IGEL OS Identity Provider (IdP) Registration) tab and paste the client secret into the field Client secret.
   
   
   
8. To get the Authorization Endpoint URL and Token Endpoint URL, change to the tab with your Ping app and go to the Configuration tab.
   
   
   
9. Copy and paste the values into the Authorization Endpoint URL and Token Endpoint URL fields one by one.
   
   
   
10. To add a domain, click Add, enter the Domain name, and then click Add in the dialog.
    
    
    
11. Click Submit.
    The data record is created.