Orchestration SDKs

Step 2. Configure connection properties

PingAM Android

In this step, you configure the kotlin-oidc sample to connect to the OAuth 2.0 application you created in PingAM, using OIDC sign-on.

  1. In Android Studio, open the sdk-sample-apps/android/kotlin-oidc project you cloned in the previous step.

  2. In the Project pane, switch to the Android view.

  3. In the Android view, navigate to oidc > kotlin+java > com.pingidentity.samples.oidc.app, and open CentralizeLoginViewModel.kt.

  4. Locate the OidcWeb object and update with the values from your PingAM tenant:

    val web by lazy {
    OidcWeb {
        logger = Logger.STANDARD
        module(Oidc) {
            clientId = "sdkPublicClient"
            discoveryEndpoint = "https://openam.example.com:8443/openam/oauth2/realms/root/.well-known/openid-configuration"
            scopes = mutableSetOf("openid", "email", "address", "profile")
            redirectUri = "com.example.demo://oauth2redirect"
        }
    }
}
    clientId

    The client ID from your OAuth 2.0 application in PingAM.

    For example, sdkPublicClient

    discoveryEndpoint

    The .well-known endpoint from your PingAM tenant.

    How do I find my PingAM .well-known URL?

    To form the .well-known URL for an PingAM server, concatenate the following information into a single URL:

    1. The base URL of the PingAM component of your deployment, including the port number and deployment path.

      For example, https://openam.example.com:8443/openam

    2. The string /oauth2

    3. The hierarchy of the realm that contains the OAuth 2.0 client.

      You must specify the entire hierarchy of the realm, starting at the Top Level Realm. Prefix each realm in the hierarchy with the realms/ keyword.

      For example, /realms/root/realms/customers

      If you omit the realm hierarchy, the top level ROOT realm is used by default.

    4. The string /.well-known/openid-configuration

    For example, https://openam.example.com:8443/openam/oauth2/realms/root/.well-known/openid-configuration

    scopes

    The scopes you added to your OAuth 2.0 application in PingAM.

    For example, openid profile email address

    redirectUri

    The redirect_uri as configured in the OAuth 2.0 client profile.

    This value must exactly match a value configured in your OAuth 2.0 client.

    For example, com.example.demo://oauth2redirect

  5. Save your changes.