--- title: Step 2. Configure connection properties description: PingOne Advanced Identity Cloud PingAM Android component: orchsdks page_id: orchsdks:journey:try-it-out/android/02_configure_sample_for_journeys canonical_url: https://developer.pingidentity.com/orchsdks/journey/try-it-out/android/02_configure_sample_for_journeys.html revdate: Thu, 24 Apr 2025 14:44:20 +0100 keywords: ["PingOne Advanced Identity Cloud", "PingAM", "Journeys", "Setup & Configuration", "Source Code", "Tutorial", "SDK"] --- # Step 2. Configure connection properties [icon: circle-check, set=far]PingOne Advanced Identity Cloud [icon: circle-check, set=far]PingAM [icon: android, set=fab]Android * [Prepare](00_before-you-begin.html) * [Download](01_download_samples.html) * **Configure** * [Run](03_run_the_sample.html) In this step, you configure the "kotlin-journey" sample to connect to your server. 1. In Android Studio, open the `sdk-sample-apps/android/kotlin-journey` folder you cloned in the previous step. 2. In the **Project** pane, switch to the **Android** view. ![android studio android view en](../../_images/android-studio-android-view-en.png)Figure 1. Switching the project pane to Android view. 3. In the **Android** view, navigate to **app > kotlin+java > com.pingidentity.samples.journeyapp > env**, and open `EnvViewModel.kt`. The file contains **Journey** module configuration sections for two different environments, `testConfig` and `prodConfig`: ```kotlin val testConfig = Journey { logger = Logger.STANDARD serverUrl = "" realm = "" cookie = "" module(Oidc) { clientId = "", "") redirectUri = "" } } val prodConfig = Journey { logger = Logger.STANDARD serverUrl = "" realm = "" cookie = "" module(Oidc) { clientId = "", "") redirectUri = "" } } ``` 4. Update both of these configuration blocks with the details of your server environment. | | | | - | ----------------------------------------------------------------------------------------------- | | | You must populate both configuration blocks, but you can use identical values in each property. | * *serverUrl* The URL of the server to connect to, including the deployment path of the Access Management component. *Identity Cloud example*: `https://openam-forgerock-sdks.forgeblocks.com/am` *Self-hosted example*: `https://openam.example.com:8443/openam` * *realm* The realm in which the OAuth 2.0 client profile and authentication journeys are configured. Usually, `root` for AM and `alpha` or `bravo` for Advanced Identity Cloud. * *cookie* The name of the cookie that contains the session token. For example, with a self-hosted PingAM server this value might be `iPlanetDirectoryPro`. | | | | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | PingOne Advanced Identity Cloud tenants use a random alpha-numeric string.To locate the cookie name in an PingOne Advanced Identity Cloud tenant, navigate to **Tenant settings** > **Global Settings**, and copy the value of the **Cookie** property. | * *clientId* The client ID of your OAuth 2.0 application in PingOne Advanced Identity Cloud or PingAM. For example, `sdkPublicClient` * *discoveryEndpoint* The `.well-known` endpoint from your server. > **Collapse: How do I find my PingOne Advanced Identity Cloud URL?** > > You can view the `.well-known` endpoint for an OAuth 2.0 client in the PingOne Advanced Identity Cloud admin console: > > 1. Log in to your PingOne Advanced Identity Cloud administration console. > > 2. Click Applications, and then select the OAuth 2.0 client you created earlier. For example, sdkPublicClient. > > 3. On the Sign On tab, in the Client Credentials section, copy the Discovery URI value. > > For example, `https://openam-forgerock-sdks.forgeblocks.com/am/oauth2/alpha/.well-known/openid-configuration` > > | | | > | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | > | | If you are using a custom domain, your `.well-known` is formed as follows:`https:///.well-known/openid-configuration`Learn more in [Access OIDC configuration discovery endpoint](https://docs.pingidentity.com/pingoneaic/latest/realms/custom-domains.html#access-oidc-configuration-discovery-endpoint). | > **Collapse: How do I find my PingAM URL?** > > To form the `.well-known` URL for an PingAM server, concatenate the following information into a single URL: > > 1. The base URL of the PingAM component of your deployment, including the port number and deployment path. > > For example, `https://openam.example.com:8443/openam` > > 2. The string `/oauth2` > > 3. The hierarchy of the realm that contains the OAuth 2.0 client. > > You must specify the entire hierarchy of the realm, starting at the Top Level Realm. Prefix each realm in the hierarchy with the `realms/` keyword. > > For example, `/realms/root/realms/customers` > > | | | > | - | ------------------------------------------------------------------------------- | > | | If you omit the realm hierarchy, the top level `ROOT` realm is used by default. | > > 4. The string `/.well-known/openid-configuration` > > For example, `https://openam.example.com:8443/openam/oauth2/realms/root/.well-known/openid-configuration` For example, `https://openam-forgerock-sdks.forgeblocks.com/am/oauth2/realms/alpha/.well-known/openid-configuration` * *scopes* The scopes you added to your OAuth 2.0 application in PingOne Advanced Identity Cloud. For example, `openid profile email address` * *redirectUri* The redirect URI or sign-in URL as configured in the OAuth 2.0 client profile. | | | | - | -------------------------------------------------------------------------- | | | This value must exactly match a value configured in your OAuth 2.0 client. | For example, `com.example.demo://oauth2redirect`. The result will resemble the following: Configuring the Journey module in the kotlin-journey Android app ```kotlin val testConfig = Journey { logger = Logger.STANDARD serverUrl = "https://openam-forgerock-sdks.forgeblocks.com/am" realm = "alpha" cookie = "ch15fefc5407912" // Oidc as module module(Oidc) { clientId = "sdkPublicClient" discoveryEndpoint = "https://openam-forgerock-sdks.forgeblocks.com/am/oauth2/realms/alpha/.well-known/openid-configuration" scopes = mutableSetOf("openid", "email", "address", "profile", "phone") redirectUri = "com.example.demo://oauth2redirect" } } val prodConfig = Journey { logger = Logger.STANDARD serverUrl = "https://openam-forgerock-sdks.forgeblocks.com/am" realm = "alpha" cookie = "ch15fefc5407912" // Oidc as module module(Oidc) { clientId = "sdkPublicClient" discoveryEndpoint = "https://openam-forgerock-sdks.forgeblocks.com/am/oauth2/realms/alpha/.well-known/openid-configuration" scopes = mutableSetOf("openid", "email", "address", "profile", "phone") redirectUri = "com.example.demo://oauth2redirect" } } ``` 5. In the **Android** view, navigate to **app > kotlin+java > com.pingidentity.samples.journeyapp > userprofile**, and open `UserProfileViewModel.kt`. At the end of this file there is a **Device Client** module configuration section, so that the app can list and manage registered devices: ```kotlin return DeviceClient { ssoTokenString = user.session().value serverUrl = URL("https://openam-sdks.forgeblocks.com/am") realm = user.session().realm cookieName = "5421aeddf91aa20" logger = Logger.STANDARD } ``` 6. Update the values in the **Device Client** configuration block with the details of your server environment. * *serverUrl* The URL of the server to connect to, including the deployment path of the Access Management component. *Identity Cloud example*: `https://openam-forgerock-sdks.forgeblocks.com/am` *Self-hosted example*: `https://openam.example.com:8443/openam` * *cookieName* The name of the cookie that contains the session token. For example, with a self-hosted PingAM server this value might be `iPlanetDirectoryPro`. | | | | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | PingOne Advanced Identity Cloud tenants use a random alpha-numeric string.To locate the cookie name in an PingOne Advanced Identity Cloud tenant, navigate to **Tenant settings** > **Global Settings**, and copy the value of the **Cookie** property. | The result will resemble the following: Configuring a device client in the kotlin-journey Android app ```kotlin return DeviceClient { ssoTokenString = user.session().value serverUrl = URL("https://openam-forgerock-sdks.forgeblocks.com/am") realm = user.session().realm cookieName = "ch15fefc5407912" logger = Logger.STANDARD } ``` 7. Save your changes. With the sample configured, you can proceed to [Step 3. Test the app](03_run_the_sample.html).