Integrating PingID SSO

Table of Contents

How Does It Work?

Setup in PingID

Connect PingID from Within Findem

Enabling SSO Only Logins

How Does It Work?

Setup in PingID

First, we'll need to create an OIDC web application in your PingID environment.

1. As the PingID Admin user, get started by heading to your PingID Admin Console, click Applications > Add Application.
2. Select OIDC Web App.
   
3. Configure the Redirect URI and Authentication options with the following values:
   • Redirect uri : https://matches.findem.ai/auth/pingid/callback
   • Response Type: Code
   • Grant Type: Authorization Code
     • PKCE Enforcement: OPTIONAL
   • Token Endpoint Authentication Method: Client Secret Post
     
4. Leave the rest of the settings as default, then click Save.
5. From the Configuration tab, find the Issuer value and copy & paste it somewhere you'll remember. You'll need it shortly.
   
6. Scroll down to General and copy & paste the Client ID and Client Secret values.
   
7. Head to the Resources tab and select the following scopes:
   • email
   • openid
   • profile

Assign Users in PingID

Once you've successfully created the app and copied over all the required information, it's time to allow access to your users to it from within PingID.

1. From the Access tab, select a user group so that users of that group can access the Findem portal using pingID authentication. If a group does not yet exist, you'll need to create one.
2. Ensure all yours you want to have Findem access are part of the group.
   

OIDC Web App Summary in PingID

1. From the app's main page, click the Overview tab.
2. Copy and paste the Client ID and Client Secret somewhere you have easy access to. You will need them shortly.

Connect PingID from Within Findem

1. As the PingID Admin user, in Findem, navigate to Admin > Organization Settings.
   1. From the Security tab, click Connect Ping ID.
   2. Enter the configuration values for:
      • Issuer: Paste the Issuer value you copied from PingID earlier.
      • Client Id: Paste the Client ID you copied from PingID earlier.
      • Client Secret: Paste the secret code you from PingID earlier.
        
   3. Click Save.
   4. Now your users will be able to log in to Findem via their PingID credentials.

SSO Only Logins

If you would like to force users of your Findem instance to only login with PingID, submit a request with Findem Support requesting this. Note that this change must be performed via our Engineering team and may take a few days to execute.

Once complete, the only method users can use to log into Findem with will be via your org's PingID SSO.