--- title: 'Ping Identity' description: 'Learn how to configure Ping Identity as an identity provider for NocoDB.' tags: ['SSO', 'Ping Identity', 'OIDC'] keywords: ['SSO', 'Ping Identity', 'OIDC', 'Authentication', 'Identity Provider'] --- :::warning SSO is available under private beta for self hosted enterprise customers. Please reach [**out to us**](https://calendly.com/nocodb) for early access. ::: This article briefs about the steps to configure Ping Identity as Identity service provider for NocoDB ### NocoDB, Retrieve `Redirect URL` 1. Go to `Account Settings` 2. Select `Authentication (SSO)` 3. Click on `New Provider` button 4. On the Popup modal, Specify a `Display name` for the provider; note that, this name will be used to display the provider on the login page 5. Retrieve `Redirect URL`; this information will be required to be configured later with the Identity Provider ![OIDC SSO Configuration](/img/v2/account-settings/SSO-1.png) ![OIDC SSO Configuration](/img/v2/account-settings/OIDC-2.png) ![OIDC SSO Configuration](/img/v2/account-settings/OIDC-3.png) ### Ping Identity, Configure NocoDB as an Application 1. Access your [PingOne account](https://www.pingidentity.com/en/account/sign-on.html) and navigate to the homepage. 2. Click on `Add Environment` from the top right corner. 3. On the `Create Environment` screen, - Opt for `Build your own solution` - In the `Select solution(s) for your Environment` section, select `PingOne SSO` from `Cloud Services` - Click `Next` - Provide a name and description for the environment, - Click `Next` 4. Access the newly created environment and go to `Connections` > `Applications` from the sidebar. 5. Within the Applications homepage, initiate the creation of a new application by clicking the "+" icon. 6. On the "Add Application" panel: - Input the application name and description. - Choose "OIDC Web App" as the Application Type and click "Configure" 7. From your application, - Go to `Configurations` tab - Click on `Edit` button - Check `Refresh Token` option - Copy `Authorization URL`, `Token URL`, `Userinfo URL` & `JWK Set URL` from the `Endpoints` section - From `Generals` dropdown, copy `Client ID` & `Client Secret` - `Save` 8. From `Resources` tab, - Click `Edit` - Select `openid` `profile` `email` from `Scopes` 9. Switch toggle button in the top right corner to `On` to activate the application. ### NocoDB, Configure Ping Identity as an Identity Provider 1. In NocoDB, open `Account Settings` > `Authentication` > `OIDC`. On the "Register OIDC Identity Provider" modal, insert the following information: - Insert `Client ID` retrieved in step (9) above as `Client ID` - Insert `Client Secret` retrieved in step (9) above as `Client Secret` - Insert `Authorization URL` retrieved in step (9) above as `Authorization URL` - Insert `Token URL` retrieved in step (9) above as `Token URL` - Insert `Userinfo URL` retrieved in step (9) above as `Userinfo URL` - Insert `JWK Set URL` retrieved in step (9) above as `JWK Set URL` - Set `Scope` as `openid` `profile` `email` `offline_access` - In the Username Attribute field, indicate the name of the claim that represents the user's email. The default value is set to "email." For Sign-in's, user should be able to now see `Sign in with ` option. ![SAML SSO Configuration](/img/v2/account-settings/SSO-SignIn.png) :::note Post sign-out, refresh page (for the first time) if you do not see `Sign in with ` option ::: For information about Ping Identity API Scopes, refer [here](https://docs.pingidentity.com/r/en-us/pingone/pingone_t_edit_scopes_for_an_application)