Ping Identity SSO
In this guide, you’ll learn how to set up Ping Identity authentication in Coalesce.
Ping Identity Administrator
You must be a Ping Administrator to complete this process.
Create a Ping Identity Application
- In Ping go to the Applications page, and create a new application.
- Give the application a name.
- Select Single-Page as the Application Type.
- Click Save.
- After saving, you’ll be taken to the Application overview screen.
- Click on Configuration, then edit.
- Set the following confirmation options:
- Select all options under Response Type:
- Code
- Token
- ID
- Grant Type:
- Click Authorization Code
- PKCE Enforcement is Optional
- Click Implicit
- Under Redirect URIs enter your Coalesce instance URL with login/callback added.
https://<your Coalesce app domain>/login/callback
- For example:
https://testapp.app.coalescesoftware.io/login/callback
- Create an app domain if one hasn’t already been defined for your organization. We recommend choosing a name specific to your organization. If the Subdomain box in your Single Sign-On Settings is blank, you need to create a subdomain for your organization.
- The other configuration options can be left as default.
- Select all options under Response Type:
- Click Save.
- After saving, you’ll be taken to the Application overview screen.
- Next, you’ll make sure your allowed scopes are set. Click on Resources, then edit.
- Make sure the following scopes are set:
- openid
- profile
- Make sure your application is turned on by toggling the switch near the X.
Gather Your Ping SSO Information
You are gathering your subdomain, Authorization Server, and OIDC clientID.
- On the Application overview screen, click URLs to open a drop-down.
- Copy the Authorization URL. You only need up to the
/as
. Leave off the trailing slash.- For example:
https://auth.pingone.com/8d472703-1eaf-491b-a425-91aff175d01f/as
.
- For example:
Get your Subdomain
Your subdomain is the subdomain of your Coalesce instance. For example, if you login at https://testapp.app.coalescesoftware.io/. Your subdomain is testapp
. You can also check your subdomain by going to your organizations single sign-on settings.
If the Subdomain box in your settings is blank, you need to create a subdomain for your organization.
Get your OIDC clientID
- On the Application overview screen, copy the Client ID.
Configure Coalesce Ping Settings
- Log into Coalesce, and click on Org Settings.
- Select Single Sign-On.
- Set the Authority to Ping.
- Enter the Subdomain, for example testapp.
- Enter the Authorization Server using the pingone URL. For example, https://auth.pingone.com/8d472703-1eaf-491b-a425-91aff175d01f/as.
- Enter the OIDC clientID from the Overview Screen.
- Click Save.
Congratulations! You should be able to select Single-Sign On next time you login to Coalesce.
Updated about 11 hours ago