PingFederate

Following the OAuth 2.0 standard, ModelOp Center requires the following PingFederate configurations for a successful integration:

  1. Data Store

    1. PingDirectory

  2. (Custom) Common Scope

    1. modelop_client

  3. OAuth Clients

    1. gateway-service

    2. internal-client

    3. go-cli

    4. external-integration-client

Proposed
Client ID

Client
Secret
Required

Redirect
URIs

Allowed Grant
Types

OpenID
Connect
Scopes

Custom
Scopes

Proposed
Client ID

Client
Secret
Required

Redirect
URIs

Allowed Grant
Types

OpenID
Connect
Scopes

Custom
Scopes

gateway-service
(C2B)

  • <ModelOp Center URL>/login/oauth2/code/gateway-service

  • Authorization
    Code

  • Refresh
    Token

  • Access Token
    Validation

  • openid

  • profile

  • email

 

internal-client
(B2B)

 

  • Client
    Credentials

  • Access Token
    Validation

 

  • modelop_client

go-cli
(C2B)

 

  • Resource Owner
    Password
    Credentials

  • Refresh Token

  • openid

  • profile

  • email

 

external-integration-client
(C2B)

 

  • <ModelOp Center URL>/jupyterOauth2ImplicitGrant.html

  • <ModelOp Center URL>/modelOpWDC.html

  • https://oauth.powerbi.com/views/oauthredirect.html

  • Implicit

  • Authorization
    Code

  • Refresh
    Token

  • openid

  • profile

  • email

 

Required User Attributes

  • Family name

  • Given name

  • User name

  • Email

  • Group(s)

PingFederate Guide

For instructions on how to create the custom modelop_client scope, please follow the PingFederate: How-to guide.