Adding an identity provider - Twitter
Adding Twitter as an external identity provider gives your users the option to sign in with Twitter when accessing your application.
Before you begin
Ensure that you have:
-
A PingOne organization with an environment added. Learn more in Starting a PingOne trial.
-
Added your application to PingOne. Learn more in Adding an application.
Registering the application with Twitter
To enable signing on with Twitter, you must register your application with Twitter.
Steps
-
Go to the Twitter Developer site at developer.twitter.com.
If you haven’t created a Twitter Developer account, you can do so now.
-
Click Create an app.
-
Enter the appropriate information.
-
Select Enable sign in with Twitter.
-
Click Create.
Enabling email communication
Enable email communication to retrieve a user’s email address from Twitter.
Steps
-
Go to the Twitter Developer site at developer.twitter.com.
-
Select your application.
-
Click Edit and then click Edit details.
-
Click the Permissions tab, and then click Edit.
-
Enable the Request email addresses from users option.
-
Click Save.
Getting the API key and API secret
When you register your application, Twitter generates an API key to identify the application.
Steps
-
Go to the Twitter Developer site at developer.twitter.com.
-
Select your application.
-
Click the Keys and tokens tab.
-
Copy the following values to a secure location:
-
API key: The consumer key that identifies the application.
-
API secret key: The consumer secret that secures the application.
-
Adding Twitter as an identity provider in PingOne
Configure the identity provider connection in PingOne.
Before you begin
Ensure that registration is enabled in the authentication policy. See Editing an authentication policy.
You should have the following information ready:
-
API key
-
API secret key
Learn more in Getting the API key and API secret.
Steps
-
In PingOne, go to Integrations → External IdPs.
-
Click Add Provider.
-
Click Twitter.
-
On the Create Profile page, enter the following information:
-
Name: A unique identifier for the identity provider.
-
Description: (Optional). A brief description of the identity provider.
You cannot change the icon and login button, in accordance with the provider’s brand standards.
-
-
Click Next.
-
On the Configure Connection page, enter the following information:
-
API key: The consumer key that you copied earlier from the identity provider. You can find this information on the Twitter Developers site.
-
API secret key: The consumer secret that you copied earlier from the identity provider. You can find this information on the Twitter Developers site.
-
Callback URL: The URL to which the user will be redirected after authenticating. This value is read-only. You’ll provide this value to the identity provider later.
-
-
Click Save and Continue.
-
On the Map Attributes page, define how the PingOne user attributes are mapped to identity provider attributes. For more information, see Mapping attributes.
-
Enter the PingOne user profile attribute and the external IdP attribute. For more information about attribute syntax, see Identity provider attributes.
-
To add an attribute, click Add attribute.
-
To use the expression builder, click Build and test or Advanced Expression. See Using the expression builder.
-
Select the update condition, which determines how PingOne updates its user directory with the values from the identity provider. The options are:
-
Empty only: Update the PingOne attribute only if the existing attribute is empty.
-
Always: Always update the PingOne directory attribute.
-
-
-
Click Save and Close.
Adding the callback URL to the Twitter Developers site
Copy the callback URL and paste it in the Twitter Developers site.
Steps
-
In PingOne, go to Integrations → External IdPs.
-
Locate the appropriate IdP and then click the Details icon to expand the IdP.
-
Click the Connection tab.
-
Copy the callback URL and paste it in a secure location.
-
On the Twitter Developer site, select your application.
-
Click the App details tab.
-
For Callback URL, paste the value that you copied earlier.
-
Click Save.
Next steps
-
Enable the external IdP. See Enabling or disabling an identity provider.
-
Add the IdP to your authentication policy. See Editing an authentication policy.
-
Add the authentication policy to your application. See Applications.