Ping Identity SSO
In this guide, you’ll learn how to set up Ping Identity authentication in Coalesce.
You must be a Ping Administrator to complete this process.
Create a Ping Identity Application
-
In Ping go to the Applications page, and create a new application.
-
Give the application a name.
-
Select Single-Page as the Application Type.
-
Click Save.
-
After saving, you’ll be taken to the Application overview screen.
-
Click on Configuration, then edit.
-
Set the following confirmation options:
- Select all options under Response Type:
- Code
- Token
- ID
- Grant Type:
- Click Authorization Code
- PKCE Enforcement is Optional
- Click Implicit
- Under Redirect URIs enter your Coalesce instance URL with login/callback added.
https://<your Coalesce app domain>/login/callback
- For example:
https://testapp.app.coalescesoftware.io/login/callback
- The other configuration options can be left as default.
- Select all options under Response Type:
-
Click Save.
-
After saving, you’ll be taken to the Application overview screen.
-
Next, you’ll make sure your allowed scopes are set. Click on Resources, then edit.
-
Make sure the following scopes are set:
openid
email
profile
-
Make sure your application is turned on by toggling the switch near the X.
Gather Your Ping SSO Information
You are gathering your subdomain, Authorization Server, and OIDC clientID.
-
On the Application overview screen, click URLs to open a drop-down.
-
Copy the Authorization URL. You only need up to the
/as
. Leave off the trailing slash.- For example:
https://auth.pingone.com/8d472703-1eaf-491b-a425-91aff175d01f/as
.
- For example:
Get your Subdomain
Your subdomain is the subdomain of your Coalesce instance. For example, if you login at https://testapp.app.coalescesoftware.io/. Your subdomain is testapp
. You can also check your subdomain by going to your organizations single sign-on settings.
If the Subdomain box in your settings is blank, you need to create a subdomain for your organization.
Get your OIDC Client ID
- On the Application overview screen, copy the Client ID.
Configure Coalesce Ping Settings
- Log into Coalesce, and click on Org Settings.
- Select Single Sign-On.
- Set the Authority to Ping.
- Enter the Subdomain, for example
testapp
. - Enter the Authorization Server using the pingone URL. For example,
https://auth.pingone.com/8d472703-1eaf-491b-a425-91aff175d01f/as
. - Enter the OIDC clientID from the Overview Screen.
- Click Save.
Congratulations. You should be able to select Single-Sign On next time you login to Coalesce.