Nav

To Configure Client Management PingFederate

  1. Log into the master Organization in Anypoint Platform as Administrator.

  2. In Anypoint Platform, click Access Management > External Identity.

  3. From Client Management, select PingFederate.

    The Client Management PingFederate form appears.

  4. Fill in the following required fields:

    • OAuth2 Authorization Provider, Authorize URL

      The authorization endpoint defined by OAuth 2.0 and used to interact directly with resource owners, authenticate owners, and obtain owner authorization. For example:

      https://ec2-55-88-144-83.us-west-2.compute.amazonaws.com:9031/as/authorization.oauth2

    • OAuth2 Token Provider, Create URL

      The endpoint that creates an access token for OAuth authentication. For example:

      https://ec2-55-88-144-83.us-west-2.compute.amazonaws.com:9031/as/token.oauth2

    • OAuth2 Token Validation Provider

      • Validate URL

        The token endpoint defined in the OAuth 2.0 specification where the client obtains an access token and possibly a refresh token by presenting its authorization grant. For example:

        https://ec2-55-88-144-83.us-west-2.compute.amazonaws.com:9031/as/token.oauth2

      • Username Token Mapping

        The name of the user requesting access. For example, the username mapping token uid.

      • Client Id

        The optional client identifier that is the username of the client being authenticated using HTTP Basic Authentication.

      • Client Secret

        The optional client password of the client being authenticated using HTTP Basic Authentication.

    • OAuth 2 Client Provider

      • Create URL

        The URL at which the PingFederate client management API resources are served. For example:

        https://ec2-55-88-144-83.us-west-2.compute.amazonaws.com:9031/pf-ws/rest/oauth/clients

        The base URL could be the base URL for your server. Confirm this with your PingFederate administrator.

      • Delete URL

        URL destination for sending a DELETE request to delete a test client. For example:

        https://ec2-55-88-144-83.us-west-2.compute.amazonaws.com:9031/pf-ws/rest/oauth/clients/{{client_id}}

      • Username

        Name of user with privileges for creating new clients within the target PingFederate system.

      • Password

        Password of user with privileges for creating new clients within the target PingFederate system. If you do not want to share your password as open text, contact MuleSoft through your Account Executive to provide the password in another way.

  5. Check Bypass approval page if you already have approval.

  6. Save your configuration.