PingFederate supports the use of scopes to constrain and define access privileges.

Prerequisites

Review the Prerequisites to Configure vCenter Server Identity Provider for PingFederate.

Log in to the PingFederate Admin console with an Administrator Account.

Procedure

  1. Go to System > OAuth Settings > Scope Management.
  2. On the Common Scopes tab, add the following Scope Values along with a description. Click Add after entering each value and description.
    • openid
    • profile
    • email
  3. Skip the Exclusive Scopes tab.
  4. On the Default Scope tab, enter a description for Default Scope.
    A description is required. If Default Scope Description is empty, PingFederate logs the following error:

    The requested scope is invalid, unknown, malformed, or exceeds that which the client is permitted to request.

  5. Click Save.

What to do next

Continue with Create a Common Configuration for PingFederate Workflows.