PingOne Platform APIs

Task 3: Create an SSO workflow

In this workflow, you’ll test the new environment you created by setting up a Web app for users to perform single sign-on (SSO) to PingOne. You’ll do this by creating an OIDC Web app, getting the new Web app’s secret, and making an authorization request to the PingOne authorization server. Then, you’ll make flow orchestration requests to submit your test user’s credentials, get an authorization code, and exchange the auth code for an access token.

The result

  • The sign-on workflow returns an access token, enabling a PingOne user (in this case, the user you’ve created in the prior workflow to create a test environment) to SSO through a Web application. The PingOne authorization and authentication APIs perform the following actions:

    • Query the PingOne authorization server to initiate the sign-on flow.

    • Start an authentication session and return a flow ID that tracks the user through the sign-on steps.

    • Prompts the user to submit their username and password.

    • Verifies the user’s credentials, and issues an authorization code in response.

    • Exchanges the authorization code for an access token that signs on to the user’s account through the Web application.

  • By completing the sign-on workflow, you’ve verified that the new environment, the test user, the Web application, and the authentication actions that you’ve created are functional.

If you choose to use Postman

If you don’t already have a Postman installation, you can install the free version. Refer to Download Postman.

  1. Import or fork the Postman collection Simple SSO into your Postman installation by clicking the Run in Postman button below. You’ll use this collection for this workflow:

    Run in Postman

  2. When you open the Postman collection, ensure that you select PingOne Postman Environment Template for use with the collection:

    PingOnePostmanEnvironmentTemplate

  3. Refer to PingOne API domains as needed for important information.

If you choose not to use Postman

If you’d rather not install Postman, this guide doesn’t limit or constrain you in that respect. Each Postman request is documented, and has a dropdown list to show the coding language to use for the request. (This is also true for our Platform Reference API documentation.)

RequestLanguage

You can use cURL (the default) and call the request from your command line, or select one of the other coding languages in the dropdown list, copy the request into your IDE, and call it from there.