Creating a new Identity Provider in the Sophie web application
Start by opening the Sophie web app, then select
Settings -> Manage Users -> Identity Providers from the left menu:
Create a new
OpenID Connect application. Specify an alias (e.g.
ping-federate) and a display name (e.g.
PingID). Make note of the
The Authorization URL should be:
The Token URL:
The User Info URL:
The JWKS URL:
Validate Signatures and
Use JWKS URL are both enabled.
Note: these endpoints and others can be found under:
Within the Sophie web-app, you have the option to simply import these settings from the above endpoint.
Don't save the new Identity Provider yet - you'll need the
Client ID and
Client Secret which you will obtain in the next step.
Creating a new OpenID Connect Client in PingFederate
Browse to the administration portal of PingFederate. Make sure that OpenID Connect is enabled. You can enable it via
System -> Server -> Protocol Settings.
Oauth Server, then under
Fill out the form as follows. Make note of the
Client ID and
Client Secret - paste them in the Sophie web-app, then save the form.
Redirection URI you took note of earlier in the Sophie WebApp.
Check the following:
Logout from the Sophie web app. On the login page you will now see the new sing-in option:
That's it! Try to login with your PindID credentials. On first login, you will be prompted to allow access to your basic information: