Adding an identity provider - Yahoo
Adding Yahoo as an external identity provider (IdP) gives your users the option to sign on with Yahoo when accessing your application.
Before you begin
Ensure that you have:
-
A PingOne organization with an environment added. Learn more in Starting a PingOne trial.
-
Added your application to PingOne. Learn more in Adding an application.
-
A Yahoo account
Creating the application with Yahoo
To enable signing on with Yahoo, create the application on the Yahoo Developers page. Yahoo generates a client ID and client secret to identify the application. Learn more in Getting Started in the OpenID Connect section of the Yahoo Developer site.
Steps
-
Go to the Yahoo Developer site and sign on to your account.
If you haven’t created a Yahoo Developer account, you can do so now.
-
Click the Create an App button.
-
Enter a name for the application.
-
For Application type, select Web application.
-
Leave Redirect URI blank for now.
You will get this value from PingOne and enter it later.
-
In the API Permissions section, select OpenID Connect Permissions, and then select Email and Profile.
-
Leave the page open so you can return later to enter the Redirect URI.
Adding Yahoo as an identity provider in PingOne
Configure the IdP connection in PingOne.
Before you begin
Ensure that registration is enabled in the authentication policy. Learn more in Editing an authentication policy.
Steps
-
In the PingOne admin console, go to Integrations > External IdPs and click .
-
Click Yahoo.
-
Click Next.
-
On the Add External Identity Provider page, enter the following information:
-
Name: A unique identifier for the IdP.
-
Description (optional): A brief description of the IdP.
-
Population: A population that overrides the authentication policy’s registration population and enables just-in-time registration from the IdP.
You can’t change the Icon and Sign-on Button in accordance with the provider’s brand standards.
-
-
Click Next.
-
Copy the value for Callback URL to a secure location.
-
Leave the page open so you can return later to enter the values for Client ID and Client secret.
Finishing creating the application with Yahoo
Add the callback URL from the PingOne admin console to your Yahoo application.
Before you begin
Ensure you have the callback URL from the PingOne admin console that you copied in Adding Yahoo as an identity provider in PingOne.
Steps
-
Go to the Yahoo Developers page.
-
For Callback URL, enter the value that you copied from the PingOne admin console on the Configure Connection page.
-
Click Create App.
Finishing adding the identity provider in PingOne
After you have created the application with Yahoo, copy the values for client ID and client secret and enter them into PingOne.
Steps
-
Go to the Yahoo Developers page.
-
Copy the values for Client ID and Client Secret to a secure location.
-
In the PingOne admin console, configure the connection and enter the following information:
-
Client ID: The application ID that you copied from the IdP. You can find this information on the Yahoo Developers site.
-
Client Secret: The application secret that you copied from the IdP. You can find this information on the Yahoo Developers site.
-
Callback URL: The URL to which the user will be redirected after authenticating.
-
-
Click Next.
-
Define how the PingOne user attributes are mapped to IdP attributes. Learn more in Mapping attributes.
-
Enter the PingOne user profile attribute and the external IdP attribute. Learn more about attribute syntax in Identity provider attributes.
-
To add an attribute, click Add.
-
To use the advanced expression builder, click the Gear icon. Learn more in Using the expression builder.
-
Select the update condition, which determines how PingOne updates its user directory with the values from the IdP. The options are:
-
Empty only: Update the PingOne attribute only if the existing attribute is empty.
-
Always: Always update the PingOne directory attribute.
-
You can map the following attributes provided by Yahoo:
-
sub -
name -
given_name -
family_name -
email -
picture -
nickname -
locale
-
-
Click Save.