--- title: Step 2. Configure connection properties description: Explains how to configure the connection properties in the sample app for the Android OIDC sign-on module tutorial with Advanced Identity Cloud. component: orchsdks page_id: orchsdks:oidc:try-it-out/android/aic/02_configuring-connection-properties canonical_url: https://developer.pingidentity.com/orchsdks/oidc/try-it-out/android/aic/02_configuring-connection-properties.html revdate: Thu, 2 Apr 2026 11:33:37 +0100 keywords: ["OAuth 2.0", "OpenID Connect", "Tutorial", "Source Code", "Integration", "SDK", "Android", "Advanced Identity Cloud", "connection properties"] --- # Step 2. Configure connection properties [icon: circle-check, set=far]PingOne Advanced Identity Cloud [icon: android, set=fab]Android * [Prepare](00_before-you-begin.html) * [Download](01_download-sample-repo.html) * **Configure** * [Run](03_test-the-app.html) In this step, you configure the kotlin-oidc sample to connect to the OAuth 2.0 application you created in PingOne Advanced Identity Cloud, using OIDC sign-on. 1. In Android Studio, open the `sdk-sample-apps/android/kotlin-oidc` project you cloned in the previous step. 2. In the Project pane, switch to the Android view. 3. In the Android view, navigate to **oidc > kotlin+java > com.pingidentity.samples.oidc.app**, and open `CentralizeLoginViewModel.kt`. 4. Locate the `OidcWebClient` object and update with the values from your PingOne Advanced Identity Cloud tenant: ```kotlin val web by lazy { OidcWebClient { logger = Logger.STANDARD module(Oidc) { clientId = "sdkPublicClient" discoveryEndpoint = "https://openam-forgerock-sdks.forgeblocks.com/am/oauth2/realms/alpha/.well-known/openid-configuration" scopes = mutableSetOf("openid", "email", "address", "profile") redirectUri = "com.example.demo://oauth2redirect" } } } ``` * *clientId* The client ID from your OAuth 2.0 application in PingOne Advanced Identity Cloud. For example, `sdkPublicClient` * *discoveryEndpoint* The `.well-known` endpoint from your PingOne Advanced Identity Cloud tenant. > **Collapse: How do I find my PingOne Advanced Identity Cloud URL?** > > You can view the `.well-known` endpoint for an OAuth 2.0 client in the PingOne Advanced Identity Cloud admin console: > > 1. Log in to your PingOne Advanced Identity Cloud administration console. > > 2. Click Applications, and then select the OAuth 2.0 client you created earlier. For example, sdkPublicClient. > > 3. On the Sign On tab, in the Client Credentials section, copy the Discovery URI value. > > For example, `https://openam-forgerock-sdks.forgeblocks.com/am/oauth2/alpha/.well-known/openid-configuration` > > | | | > | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | > | | If you are using a custom domain, your `.well-known` is formed as follows:`https:///.well-known/openid-configuration`Learn more in [Access OIDC configuration discovery endpoint](https://docs.pingidentity.com/pingoneaic/latest/realms/custom-domains.html#access-oidc-configuration-discovery-endpoint). | * *scopes* The scopes you added to your OAuth 2.0 application in PingOne Advanced Identity Cloud. For example, `openid profile email address` * *redirectUri* The `redirect_uri` as configured in the OAuth 2.0 client profile. This value must exactly match a value configured in your OAuth 2.0 client. For example, `com.example.demo://oauth2redirect` 5. Save your changes.