Version: On prem: 15.0.1

Configure PingFederate with OpenID Connect on-prem

DISCLAIMER


This page contains third-party references. We strive to keep our content up to date; however, content that refers to external vendors may change independently of Omada. If you spot any inconsistency, please report it to our Helpdesk.

Follow these steps to configure PingFederate with OpenID Connect:

  1. Log in to the PingFederate admin console.

  2. Go to Server Configuration > Server Settings > Roles & Protocols.

  3. Enable OAuth 2.0 and OpenID Connect.

  4. Select OAuth Settings, then click Create New.

  5. Type a name and the URL to logon.aspx (use lower case).

  6. Select the Implicit grant type, then click Save.

  7. Go to OAuth Settings > IdP Adapter Mappings.

  8. Map the USER_KEY and USER_NAME to a meaningful value from the adapter.

  9. Open the Access Token Attribute Mapping.

  10. Map the Default context to the CRC Token Manager.

  11. Next, open Policy Management.

  12. Add a policy, Omada Identity, that maps sub to id (Token).

  13. Set the policy as Default, then create the Ping metadata endpoint URL: take the URL of the PingFederate server and add .well-known/openid-configuration at the end, for example: http://samlmart.zapto.org/.well-known/openid-configuration.

  14. Add the Client ID (Omada Identity) to both tblCustomerAuth.IdpIssuer and tblCustomerAuth.IdpAudience, and add the Ping endpoint URL to tblCustomerAuth.IdpEndPoint.
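Before the endpoint URL from step 13 is stored in tblCustomerAuth.IdpEndPoint, the discovery document it returns can be checked against what this procedure set up. The following is an added example, not Omada or Ping Identity code: it builds the metadata URL as in step 13 and checks a parsed document for an HTTPS endpoint, an issuer that matches the URL (OpenID Connect Discovery requires both), and an implicit response type (step 6). The host sso.example.com, the function names and both sample documents are constructed for illustration.

```python
from urllib.parse import urlsplit

WELL_KNOWN = ".well-known/openid-configuration"
IMPLICIT = ({"id_token"}, {"id_token", "token"})  # implicit-flow response types


def metadata_url(base_url):
    """Step 13: append the discovery path to the PingFederate server URL."""
    return base_url.rstrip("/") + "/" + WELL_KNOWN


def check_discovery(endpoint_url, doc):
    """Return findings for a parsed discovery document fetched from endpoint_url."""
    findings = []
    if urlsplit(endpoint_url).scheme != "https":
        findings.append("endpoint is not HTTPS")
    # OpenID Connect Discovery: the issuer must be the prefix the document was fetched under.
    if metadata_url(doc.get("issuer", "")) != endpoint_url:
        findings.append("issuer does not match endpoint")
    for key in ("authorization_endpoint", "jwks_uri"):
        if urlsplit(doc.get(key, "")).scheme != "https":
            findings.append(key + " missing or not HTTPS")
    # Step 6 selects the Implicit grant, so an implicit response type must be offered.
    offered = [set(rt.split()) for rt in doc.get("response_types_supported", [])]
    if not any(rt in IMPLICIT for rt in offered):
        findings.append("no implicit response type offered")
    return findings


# Constructed sample documents; sso.example.com is a placeholder host.
GOOD_URL = metadata_url("https://sso.example.com/")
GOOD_DOC = {
    "issuer": "https://sso.example.com",
    "authorization_endpoint": "https://sso.example.com/as/authorization.oauth2",
    "jwks_uri": "https://sso.example.com/pf/JWKS",
    "response_types_supported": ["code", "id_token", "id_token token"],
}
BAD_URL = metadata_url("http://sso.example.com")
BAD_DOC = {
    "issuer": "https://other.example.com",
    "authorization_endpoint": "http://sso.example.com/as/authorization.oauth2",
    "response_types_supported": ["code"],
}

if __name__ == "__main__":
    print(check_discovery(GOOD_URL, GOOD_DOC))
    for finding in check_discovery(BAD_URL, BAD_DOC):
        print("FINDING:", finding)
```

An empty list means the document is consistent with the configuration above; each finding names the field to correct on the PingFederate side before the URL is saved.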