mirror of https://github.com/nocodb/nocodb
Raju Udava
11 months ago
1 changed files with 56 additions and 0 deletions
@ -0,0 +1,56 @@ |
|||||||
|
--- |
||||||
|
title: 'Ping Identity' |
||||||
|
description: 'Learn how to configure Ping Identity as an identity provider for NocoDB.' |
||||||
|
tags: ['SSO', 'Ping Identity', 'OIDC'] |
||||||
|
keywords: ['SSO', 'Ping Identity', 'OIDC', 'Authentication', 'Identity Provider'] |
||||||
|
--- |
||||||
|
|
||||||
|
This article briefs about the steps to configure Ping Identity as Identity service provider for NocoDB |
||||||
|
|
||||||
|
1. Enable `OIDC SSO` on NocoDB |
||||||
|
- Go to `Account Settings` > `Authentication` |
||||||
|
- Activate `OIDC` toggle button |
||||||
|
2. Retrieve `Redirect URL` from NocoDB |
||||||
|
- Go to `Account Settings` > `Authentication` > `OIDC` |
||||||
|
- Note down `Redirect URL` ; these information will be required to be configured later with the Identity Provider |
||||||
|
3. Access your [PingOne account](https://www.pingidentity.com/en/account/sign-on.html) and navigate to the homepage. |
||||||
|
4. Click on `Add Environment` from the top right corner. |
||||||
|
5. On the `Create Environment` screen, |
||||||
|
- Opt for `Build your own solution` |
||||||
|
- In the `Select solution(s) for your Environment` section, select `PingOne SSO` from `Cloud Services` |
||||||
|
- Click `Next` |
||||||
|
- Provide a name and description for the environment, |
||||||
|
- Click `Next` |
||||||
|
6. Access the newly created environment and go to `Connections` > `Applications` from the sidebar. |
||||||
|
7. Within the Applications homepage, initiate the creation of a new application by clicking the "+" icon. |
||||||
|
8. On the "Add Application" panel: |
||||||
|
- Input the application name and description. |
||||||
|
- Choose "OIDC Web App" as the Application Type and click "Configure" |
||||||
|
9. From your application, |
||||||
|
- Go to `Configurations` tab |
||||||
|
- Click on `Edit` button |
||||||
|
- Check `Refresh Token` option |
||||||
|
- Copy `Authorization URL`, `Token URL`, `Userinfo URL` & `JWK Set URL` from the `Endpoints` section |
||||||
|
- From `Generals` dropdown, copy `Client ID` & `Client Secret` |
||||||
|
- `Save` |
||||||
|
10. From `Resources` tab, |
||||||
|
- Click `Edit` |
||||||
|
- Select `openid` `profile` `email` from `Scopes` |
||||||
|
11. Switch toggle button in the top right corner to `On` to activate the application. |
||||||
|
12. In NocoDB, open `Account Settings` > `Authentication` > `OIDC` |
||||||
|
- Insert `Client ID` retrieved in step (9) above as `Client ID` |
||||||
|
- Insert `Client Secret` retrieved in step (9) above as `Client Secret` |
||||||
|
- Insert `Authorization URL` retrieved in step (9) above as `Authorization URL` |
||||||
|
- Insert `Token URL` retrieved in step (9) above as `Token URL` |
||||||
|
- Insert `Userinfo URL` retrieved in step (9) above as `Userinfo URL` |
||||||
|
- Insert `JWK Set URL` retrieved in step (9) above as `JWK Set URL` |
||||||
|
- Set `Scope` as `openid` `profile` `email` `offline_access` |
||||||
|
13. In the Username Attribute field, indicate the name of the claim that represents the user's email. The default value is set to "email." |
||||||
|
|
||||||
|
For Sign-in's, user should be able to now see `Sign in with <SSO>` option. |
||||||
|
|
||||||
|
:::note |
||||||
|
Post sign-out, refresh page (for the first time) if you do not see `Sign in with <SSO>` option |
||||||
|
::: |
||||||
|
|
||||||
|
For information about Ping Identity API Scopes, refer [here](https://docs.pingidentity.com/r/en-us/pingone/pingone_t_edit_scopes_for_an_application) |
Loading…
Reference in new issue