Before you start
Things you need to know:
This article is part of a process. Start with the article Set up Single Sign-On (SSO) for your account, and we will direct you to this article at the correct point in the process.
1. Add a new Application
In Ping SSO, go to Applications.
Select + to add a new application.
For Application name, enter a name for your application.
Use a name that's easy to identify, such as Dotdigital.
If you want, enter a description and add an icon.
For Choose Application Type, select OIDC Web App.
2. Edit your application configuration
After adding your application, select the Configuration tab.
For Response type, keep the default setting of Code.
For Grant Type, keep the default settings of Authorization Code, and PKCE Enforcement Optional.
Under Grant Type, select Refresh Token. Keep your Refresh Duration and Refresh Token Rolling Duration as the default 30 Days and 180 Days.
For Redirect URLs, enter `https://login.dotdigital.com/Sso/Authenticate`.
For Token Endpoint Authentication Method, select Client Secret Post.
A list of URLs is displayed. Copy the OIDC Discovery Endpoint (also called: metadata endpoint), Client ID, and Client Secret. and save them for later.
3. Edit your resources and enable the application
Go to the Resources tab, then select Edit.
From the SCOPES menu, drag email, phone, and profile into the ALLOWED SCOPES section.
Turn on the toggle switch to enable the application.
You now have all the information you need to set SSO up on your account.