PingID User Management

Feature

Integrating Germain with Ping for Authentication

Configuration in PingID

The configuration in PingID depends on your organization's setup. We can guide you through the process of configuring PingID for OAuth and OpenID authentication methods.

Configuration in Germain

1. Sign in to your Germain application as an administrator.

2. Go to System > System Settings > Root Config (Advanced).

3. Navigate to services > authentication. In AuthenticationConfig, set the following:

   • defaultRedirectPath: workspace URL (e.g., /germainapm/workspace/app)

   • oauthAuthentication: true
     

     

4. Go to System > Auth Settings > Authentication.

5. Click the Plus button to add a new Authentication Provider.
   

   

6. Select OAuth Provider and click next.
   

   

7. Configure the provider settings:

   • Provider Name: Name for your Auth Provider

   • Client ID: <Client ID Copied from PingID>

   • Client Secret: <Client Secret Copied from PingID>

   • Authorization Grant Type: authorization_code

   • Redirect URI Template: {baseUrl}/login/oauth2/code/{registrationId}

   • Authorization URI: https://<yourPingIDDomain>/fss/as/authorization.oauth2

   • Token URI: https://<yourPingIDDomain>/fss/as/authorization.oauth2

   • User Info URI: https://<yourPingIDDomain>/fss/idp/userinfo.openid

   • JWK Set URI: https://<yourPingIDDomain>/fss/pf/JWKS

   • User Name Attribute: email

   • JWS Algorithm: (leave blank)

   • Role List Path: (leave blank)

   • Scope values: openid, profile, email, roles
     

     

     

     

8. Click Finish.

9. Restart the Tomcat services to apply the changes.

Once completed, the login page should display the "Login with PingID" OAuth provider option.

Service: Authentication

Feature Availability: 2023.1 or later