Step 3. Configuring connection properties
PingOne Advanced Identity Cloud PingAM React Native
In this step, you configure the PingSampleApp to connect to your PingOne Advanced Identity Cloud or PingAM instance.
All connection settings are stored in a .env file in the PingSampleApp directory.
The app reads this file at build time.
Creating the environment file
-
In a terminal, navigate to the
PingSampleAppdirectory:cd PingSampleApp -
Copy the example environment file:
cp .env.example .env -
Open
.envin a text editor and update the values to match your environment:Example values in the .env fileJOURNEY_SERVER_URL=https://openam-forgerock-sdks.forgeblocks.com/am JOURNEY_REALM=alpha JOURNEY_COOKIE=ch15fefc5407912 JOURNEY_CLIENT_ID=sdkPublicClient JOURNEY_DISCOVERY_ENDPOINT=https://openam-forgerock-sdks.forgeblocks.com/am/oauth2/realms/alpha/.well-known/openid-configuration JOURNEY_REDIRECT_URI=com.example.demo://oauth2redirect JOURNEY_SCOPES=openid, email, address, profile- JOURNEY_SERVER_URL
-
The base URL of the server, including the deployment path.
PingOne Advanced Identity Cloud example:
https://openam-forgerock-sdks.forgeblocks.com/amPingAM example:
https://openam.example.com:8443/openam - JOURNEY_REALM
-
The realm in which the OAuth 2.0 client and authentication journeys are configured.
Typically
rootfor AM andalphaorbravofor Advanced Identity Cloud. - JOURNEY_COOKIE
-
The name of the cookie used for the session token.
For example, with a self-hosted PingAM server this value might be
iPlanetDirectoryPro.PingOne Advanced Identity Cloud tenants use a random alphanumeric string.
To find the cookie name in an PingOne Advanced Identity Cloud tenant, navigate to Tenant settings > Global Settings, and copy the value of the Cookie property.
- JOURNEY_CLIENT_ID
-
The client ID of the OAuth 2.0 application you registered in PingOne Advanced Identity Cloud or PingAM.
For example,
sdkPublicClient - JOURNEY_DISCOVERY_ENDPOINT
-
The
.well-knownOpenID Connect discovery endpoint for your server.How do I find my PingOne Advanced Identity Cloud
.well-knownURL?You can view the
.well-knownendpoint for an OAuth 2.0 client in the PingOne Advanced Identity Cloud admin console:-
Log in to your PingOne Advanced Identity Cloud administration console.
-
Click Applications, and then select the OAuth 2.0 client you created earlier. For example, sdkPublicClient.
-
On the Sign On tab, in the Client Credentials section, copy the Discovery URI value.
For example,
https://openam-forgerock-sdks.forgeblocks.com/am/oauth2/alpha/.well-known/openid-configuration
If you are using a custom domain, your
.well-knownis formed as follows:https://<custom-domain-fqdn>/.well-known/openid-configurationLearn more in Access OIDC configuration discovery endpoint.
How do I find my PingAM
.well-knownURL?To form the
.well-knownURL for an PingAM server, concatenate the following information into a single URL:-
The base URL of the PingAM component of your deployment, including the port number and deployment path.
For example,
https://openam.example.com:8443/openam -
The string
/oauth2 -
The hierarchy of the realm that contains the OAuth 2.0 client.
You must specify the entire hierarchy of the realm, starting at the Top Level Realm. Prefix each realm in the hierarchy with the
realms/keyword.For example,
/realms/root/realms/customersIf you omit the realm hierarchy, the top level
ROOTrealm is used by default. -
The string
/.well-known/openid-configuration
For example,
https://openam-forgerock-sdks.forgeblocks.com/am/oauth2/realms/alpha/.well-known/openid-configuration -
- JOURNEY_REDIRECT_URI
-
The redirect URI configured in your OAuth 2.0 client profile.
This value must exactly match a redirect URI registered in your server.
For example,
com.example.demo://oauth2redirect.The default redirect scheme registered in the sample app is
org.forgerock.demo.If you use a different scheme, you must also update
manifestPlaceholders["appRedirectUriScheme"]inPingSampleApp/android/app/build.gradle(Android) and theCFBundleURLSchemesentry inPingSampleApp/ios/PingSampleApp/Info.plist(iOS) to match. - JOURNEY_SCOPES
-
A comma-separated list of OAuth 2.0 scopes to request.
For example,
openid, email, address, profile
With the environment file configured, the React Native app will pick up your settings the next time you build and run it.