DNN OAuth Single Sign-On (SSO) Using PingFederate As OAuth Provider

DNN OAuth Single Sign-On (SSO) authentication provider gives the ability to enable OAuth Single Sign-On for your DotNetNuke site. Using Single Sign-On you can use only one password to access your DotNetNuke site and services. Our authentication provider is compatible with all the OAuth compliant identity providers. Here we will go through a step-by-step guide to configure Single Sign-On (SSO) between DNN and PingFederate considering PingFederate as OAuth Provider. To know more about the other features we provide for DNN OAuth Single Sign-On (SSO), click here.

Pre-requisites: Download and Installation

• Download the DNN Oauth Single Sign On authentication provider with above link.
• Upload the installation package dnn-oauth-single-sign-on_xxx_Install by going in Settings > Extension > Install Extension.
• Now under the Installed extensions tab select Authentication Systems. Here you can see the miniOrange DNN OAuth Authentication Provider.

• Just click on the pencil icon as mentioned in the image below to configure the DNN OAuth Authentication Provider.

• You have finished with the installation of the Authentication Provider on your DNN site.

Steps to configure DNN Single Sign-On (SSO) using PingFederate as IDP

1. Configure Authentication Provider for Setting up OAuth Single Sign-On (SSO)

• For configuring application in the authentication provider, click on the Add New Provider button in the Identity Provider Settings tab.


Select your Identity Provider

• Select your Ping Federate as Identity Provider from the list. You can also search for your Identity Provider using the search box.

2. Configure PingFederate as OAuth Provider

• To configure OAuth Provider application, Login to your PingFederate User Admin dashboard.
• Click on the OAuth Server in the left navigation menu.
• Under Clients, click on Create New.

• Enter the Client ID, Name and Description. Select Client Secret in Client Authentication and click on Generate Secret. Take a note of your Client ID & Client Secret which you will require in Step 3 to configure miniOrange ASP.NET OAuth Client.

• Copy the Redirect/Callback URL from the miniOrange ASP.NET OAuth Client and enter it in Redirect URIs field and click on Add. Select the Authorization Code grant type and click on Save.

• You have successfully completed your Ping Federate App OAuth Server side configurations.



Ping Federate Endpoints and Scope:




Client ID :	Click Here
Client Secret :	Click Here
Scope:	openid
Authorize Endpoint:	https://{your-base-url}/as/authorization.oauth2
Access Token Endpoint:	https://{your-base-url}/as/token.oauth2
Get User Info Endpoint:	https://{your-base-url}/idp/userinfo.oauth2

3. Configuring OAuth Provider

• Copy the Redirect/Callback URL and provide it to your OAuth provider.

4. Configuring OAuth Client

• Configure Client ID, Client Secret, update the endpoints if required and save the settings.

5. Test Configuration

• Now go to the Identity Provider Settings tab.
• Under the select actions click on the Test Configuration button to verify if you have configured the authentication provider correctly.

• On successful configuration, you will get Attribute Name and Attribute Values in the Test Configuration window.

6. Attribute Mapping

• For attribute mapping select the Edit Configuration from the select actions dropdown.
• Map email and username with Attribute Name you can see in Test Configuration window and save the settings.

You can configure the ASP.NET OAuth Single Sign-On (SSO) with any identity provider such as Azure AD, Azure B2C, Keycloak, Okta, OneLogin, Salesforce, AWS Cognito, PingFederate, Auth0, ClassLink, WSO2, Discord or even with your own custom identity provider. To check other identity providers, click here.

Additional Resources

• DNN OAuth Single Sign-On (SSO)
• DNN SAML Single Sign-On (SSO)
• ASP.NET OAuth Single Sign-On (SSO)
• nopCommerce OAuth Single Sign-On (SSO)
• nopCommerce SAML Single Sign-On (SSO)