PingOne

Adding an identity provider - LinkedIn

Adding LinkedIn as an external identity provider (IdP) allows your users to sign on with LinkedIn when accessing your application.

Before you begin

Ensure that you have:

Registering the application with LinkedIn

LinkedIn generates a client ID and client secret for your application. You’ll need these values to connect the application to PingOne.

Steps

  1. Go to the LinkedIn Developers page.

  2. Click Create app.

    You’ll be prompted to sign on to your LinkedIn account.

  3. Enter the following information:

    • App name: A unique name for the application. It must be fewer than 50 characters.

    • LinkedIn Page: The LinkedIn company page to be associated with your application.

    • App logo: The logo users see when they authenticate to your application.

  4. Click Create app.

  5. On the Product tab, locate Sign In with LinkedIn using OpenID Connect in the list of products and click Request access.

  6. On the Auth tab, copy the Client ID and Primary Client Secret to a secure location.

  7. In the OAuth 2.0 Settings section, you’ll see an empty field for Redirect URLs, which is the path in your application that users are redirected to after they have authenticated with LinkedIn. Leave this value blank for now.

Learn more

Adding LinkedIn as an identity provider in PingOne

Configure the IdP connection in PingOne.

Before you begin

Ensure that registration is enabled in the authentication policy. Learn more in Editing an authentication policy.

You should have the following information ready:

  • Client ID

  • Client secret

Steps

  1. In PingOne, go to Integrations > External IdPs.

  2. Click Add Provider.

  3. Click LinkedIn.

  4. On the Create Profile page, enter the following information:

    • Name: A unique identifier for the IdP.

    • Description (optional): A brief description of the IdP.

    You can’t change the Icon[.uicontrol] and Login button in accordance with the provider’s brand standards.

  5. Click Next.

  6. On the Configure Connection page, enter the following information:

    • Client ID: The client ID that you copied earlier from the IdP. You can find this information on the Auth page on the LinkedIn Developers site.

    • Client secret: The application secret that you copied earlier from the IdP. You can find this information on the Auth tab on the LinkedIn Developers site.

  7. Click Save and Continue.

  8. On the Map Attributes page, define how the PingOne user attributes are mapped to IdP attributes.

    Learn more in Mapping attributes.

    • Enter the PingOne user profile attribute and the external IdP attribute. Learn more about attribute syntax in Identity provider attributes.

    • To add an attribute, click Add attribute.

    • To use the expression builder, click Build and test or Advanced Expression. Learn more in Using the expression builder.

    • Select the update condition, which determines how PingOne updates its user directory with the values from the IdP. The options are:

      • Empty only: Update the PingOne attribute only if the existing attribute is empty.

      • Always: Always update the PingOne directory attribute.

  9. Click Save and Close.

Adding the callback URL to the LinkedIn Developer page

Copy the callback URL and paste it into the LinkedIn Developers page.

Steps

  1. In PingOne, go to Integrations > External IdPs.

  2. Locate the appropriate IdP and click the Details icon to expand the IdP.

  3. On the Connection tab, copy the callback URL and paste it to a secure location.

  4. Go to the LinkedIn Developers page.

  5. In the My Apps list at the top of the page, select the appropriate application.

  6. On the Auth tab, click the Pencil icon in the OAuth 2.0 settings section.

  7. Click Add redirect URL.

  8. Paste the callback URL that you copied from PingOne.

  9. Click Update.