White Papers
Dell EMC OpenManage Enterprise Login with PingFederate
Dell EMC OpenManage Enterprise Login with PingFederate | 454
2.3 Enable Dynamic Client registration in Ping Federate
Dynamic Client Registration allows OME to register clients on PingFederate via APIs either by using
username and password or Initial Access Token. By default, Dynamic Client registration is disabled on
PingFederate and is enabled only when external data sources such as an external database or AD/LDAP is
configured in PingFederate.
To enable Dynamic Client Registration, do the following:
1. Log into PingFederate as an admin user.
2. Navigate to System-> OAuth Settings -> Client Settings -> Dynamic Client Registration.
3. Select all the check boxes of the fields as shown in Figure 6.
4. Select any existing scope for INITIAL ACCESS TOKEN SCOPE or create a new scope called
DynamicClientRegistration scope similar to configuring dxcua in Configuration of Scope in
PingFederate section.
Figure 6 - PingFederate: Client Settings
It is recommended to select ROTATE CLIENT SECRET and ROTATE REGISTRATION ACCESS TOKEN which
will change Client Secret and Registration Access Token when modifying or querying client registration.
PingFederate will not allow Dynamic OAuth client registration using both username and password and Initial
Access Token at the same time. Disable REQUIRE INITIAL ACCESS TOKEN for username and password-
based OAuth client registration to be successful. When Require Initial access token is enabled, only access
token will work for registration.