Ping Identity SSO

In this guide, you’ll learn how to set up Ping Identity authentication in Coalesce.


Ping Identity Administrator

You must be a Ping Administrator to complete this process.

Create a Ping Identity Application

  1. In Ping go to the Applications page, and create a new application.
  2. Give the application a name.
  3. Select Single-Page as the Application Type.
  4. Click Save.
Add new application in Ping Identity

Add new application in Ping Identity

  1. After saving, you’ll be taken to the Application overview screen.
  2. Click on Configuration, then edit.
  3. Set the following confirmation options:
    1. Select all options under Response Type:
      1. Code
      2. Token
      3. ID
    2. Grant Type:
      1. Click Authorization Code
      2. PKCE Enforcement is Optional
      3. Click Implicit
    3. Under Redirect URIs enter your Coalesce instance URL with login/callback added.
      1. https://<your Coalesce app domain>/login/callback
      2. For example:
    4. The other configuration options can be left as default.
  4. Click Save.
  5. After saving, you’ll be taken to the Application overview screen.
  6. Next, you’ll make sure your allowed scopes are set. Click on Resources, then edit.
  7. Make sure the following scopes are set:
    1. openid
    2. email
    3. profile
Required scope

Required scope

  1. Make sure your application is turned on by toggling the switch near the X.

Gather Your Ping SSO Information

You are gathering your subdomain, Authorization Server, and OIDC clientID.

  1. On the Application overview screen, click URLs to open a drop-down.
  1. Copy the Authorization URL. You only need up to the /as. Leave off the trailing slash.
    1. For example:

Get your Subdomain

Your subdomain is the subdomain of your Coalesce instance. For example, if you login at Your subdomain is testapp.

Get your OIDC clientID

  1. On the Application overview screen, copy the Client ID.

Configure Coalesce Ping Settings

  1. Log into Coalesce, and click on Org Settings.
  2. Select Single Sign-On.
  3. Set the Authority to Ping.
  4. Enter the Subdomain, for example testapp.
  5. Enter the Authorization Server using the pingone URL. For example,
  6. Enter the OIDC clientID from the Overview Screen.
  7. Click Save.

Congratulations! You should be able to select Single-Sign On next time you login to Coalesce.