Step 4: Create OIDC provider in destination environment
POST {{apiPath}}/environments/{{destinationEnvID}}/identityProviders
Create a new OIDC identity provider in the destination environment using a POST {{apiPath}}/environments/{{destinationEnvID}}/identityProviders request.
In the request body, the IdP `name` must be unique to the environment. Set `clientId` to the UUID of the application you created in step 2. Set `clientSecret` to the value returned in step 3. The `discoveryEndpoint` in the request body is the discovery endpoint for the source environment.
See the example request body for other required properties. The response returns an identity provider ID that you'll use in step 6.
See Create Identity Provider (OpenID Connect) for more information.
Request Body
```json
{
  "description": "Custom OpenID Connect Provider in Destination Env",
  "enabled": true,
  "name": "OpenIDConnectIdP_{{$timestamp}}",
  "type": "OPENID_CONNECT",
  "clientId": "{{oidcAppSourceID}}",
  "clientSecret": "{{oidcAppSourceClientSecret}}",
  "authorizationEndpoint": "https://auth.pingone.com/{{sourceEnvID}}/as/authorize",
  "tokenEndpoint": "https://auth.pingone.com/{{sourceEnvID}}/as/token",
  "userInfoEndpoint": "https://auth.pingone.com/{{sourceEnvID}}/as/userinfo",
  "jwksEndpoint": "https://auth.pingone.com/{{sourceEnvID}}/as/jwks",
  "issuer": "https://auth.pingone.com/{{sourceEnvID}}/as",
  "scopes": ["openid", "CUSTOM_SCOPE"],
  "tokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",
  "discoveryEndpoint": "https://auth.pingone.com/{{sourceEnvID}}/as/.well-known/openid-configuration"
}
```
HEADERS
Key | Datatype | Required | Description |
---|---|---|---|
Authorization | string | | |
Content-Type | string | | |
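
A pre-flight check for the request body above, as an added example that is not part of the original documentation: it compares the endpoints written into the body with the source environment's discovery document, so an endpoint copied from the wrong environment or a non-HTTPS URL is caught before the IdP is created. The function name, the sample data and the `SOURCE_ENV_ID` placeholder are assumptions; the metadata field names are those defined by OpenID Connect Discovery.

```python
from urllib.parse import urlsplit

# IdP property in the request body above -> OIDC discovery metadata field
FIELD_MAP = {
    "issuer": "issuer", "authorizationEndpoint": "authorization_endpoint",
    "tokenEndpoint": "token_endpoint", "userInfoEndpoint": "userinfo_endpoint",
    "jwksEndpoint": "jwks_uri",
}
WELL_KNOWN = "/.well-known/openid-configuration"


def check_idp_body(body, discovery):
    """Return a list of mismatches between the IdP request body and the discovery document."""
    problems = []
    for prop, meta in FIELD_MAP.items():
        value = body.get(prop)
        if value != discovery.get(meta):
            problems.append(f"{prop} does not match discovery field {meta}")
        if urlsplit(value or "").scheme != "https":
            problems.append(f"{prop} is not an https URL")
    # OIDC Discovery: the document lives at <issuer>/.well-known/openid-configuration
    if body.get("discoveryEndpoint") != discovery.get("issuer", "").rstrip("/") + WELL_KNOWN:
        problems.append("discoveryEndpoint is not under the issuer")
    # Per OIDC Discovery, client_secret_basic is the default when the field is omitted
    supported = discovery.get("token_endpoint_auth_methods_supported", ["client_secret_basic"])
    if body.get("tokenEndpointAuthMethod", "").lower() not in supported:
        problems.append("tokenEndpointAuthMethod is not supported by the source")
    if "openid" not in body.get("scopes", []):
        problems.append("scopes must include openid")
    return problems


# Constructed sample data; SOURCE_ENV_ID is a placeholder, not a real environment.
BASE = "https://auth.pingone.com/SOURCE_ENV_ID/as"
SAMPLE_DISCOVERY = {
    "issuer": BASE, "authorization_endpoint": BASE + "/authorize",
    "token_endpoint": BASE + "/token", "userinfo_endpoint": BASE + "/userinfo",
    "jwks_uri": BASE + "/jwks",
    "token_endpoint_auth_methods_supported": ["client_secret_basic", "client_secret_post"],
}
SAMPLE_BODY = {
    "issuer": BASE, "authorizationEndpoint": BASE + "/authorize",
    "tokenEndpoint": BASE + "/token", "userInfoEndpoint": BASE + "/userinfo",
    "jwksEndpoint": BASE + "/jwks", "discoveryEndpoint": BASE + WELL_KNOWN,
    "scopes": ["openid", "CUSTOM_SCOPE"], "tokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",
}
```

In practice, `discovery` would be the JSON fetched from the source environment's `discoveryEndpoint`, and an empty list means the body is consistent with it.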