Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry Enterprise ID
  3. BlackBerry Enterprise Identity Administration Guide
  4. Using authenticator level ranking and authentication policies to manage security
  5. Allowing users to authenticate with PingFederate
  6. Create a Ping Identity client on a PingFederate server

Create a 
Ping Identity
 client on a 
PingFederate
 server

Before your 
BlackBerry Enterprise Identity
 users can authenticate with 
PingFederate
, you must set up a 
Ping Identity
 client on your organization’s 
PingFederate
 server.
  1. Log in to the PingFederate administration console.
  2. Click 
    OAuth Server
    .
  3. Under the Clients column, click 
    Create New
    .
  4. In the 
    Client ID
     field, type a unique ID for the client. Note that you will use this same ID when you set up the Identity provider in 
    BlackBerry UEM
    .
  5. Type a name and description for the client.
  6. In the Client Authentication section, click 
    Private Key JWT
    .
  7. Select the 
    Require Signed Requests
     option.
  8. To generate a JSON Web Key Set, go to https://mkjwk.org/.
  9. Click the 
    Elliptic curve
     tab.
  10. In the 
    Curve
     drop-down list, select 
    P-256
    .
  11. In the 
    Algorithm
     drop-down list, select 
    ES256
    .
  12. Click 
    New Key
    .
  13. Copy the key from the 
    Keypair set
     field. Note that you will use this same key in the Configure an Identity provider in BlackBerry UEM task.
  14. Paste the key into the 
    JWKS
     field in the PingFederate site.
  15. In the 
    Redirect URI
     field, add the URI of your organization’s PingFederate server, and click 
    Add
    .
  16. In the 
    Allowed grants
     section, select the 
    Authorization Code
     option.
  17. In the 
    ID Token Signing Algorithm
     drop-down list, select any of the 
    ECDSA
     options. Note that you use same option in the Configure an Identity provider in BlackBerry UEM task.
  18. Click 
    Save
    .