Amazon IdP Adapter settings reference

Field descriptions for the Amazon IdP Adapter configuration screen.

Standard fields

Field Description

Field	Description
Client ID	The client ID that you noted in Registering PingFederate as a security profile in Amazon.
Client Secret	The client secret that you noted in Registering PingFederate as a security profile in Amazon.
Error Redirect URL	When an error occurs in the adapter, PingFederate redirects the browser to this URL instead of the default error page. This field is blank by default.
Unauthorized Redirect URL	When a user denies the requested Amazon permissions, PingFederate redirects the browser to this URL instead of the default error page. This field is blank by default.
Authorization Callback Endpoint	The PingFederate endpoint that Amazon uses to respond to authorization requests. If you set a custom endpoint in the Authorization callback URL field in Registering PingFederate as a security profile in Amazon, change this field to match. This default value is `/amazon-authn`.

Client ID

The client ID that you noted in Registering PingFederate as a security profile in Amazon.

Client Secret

The client secret that you noted in Registering PingFederate as a security profile in Amazon.

Error Redirect URL

When an error occurs in the adapter, PingFederate redirects the browser to this URL instead of the default error page.

This field is blank by default.

Unauthorized Redirect URL

When a user denies the requested Amazon permissions, PingFederate redirects the browser to this URL instead of the default error page.

This field is blank by default.

Authorization Callback Endpoint

The PingFederate endpoint that Amazon uses to respond to authorization requests. If you set a custom endpoint in the Authorization callback URL field in Registering PingFederate as a security profile in Amazon, change this field to match.

This default value is /amazon-authn.

Advanced fields

Field Description

Field	Description
Amazon Authorization URL	The URL that PingFederate uses to send authentication requests to Amazon. If Amazon changes this endpoint, enter the new URL. The default value is `https://amazon.com/ap/oa`.
Amazon Access Token URL	The URL that PingFederate uses to retrieve access tokens from Amazon. If Amazon changes this endpoint, enter the new URL. The default value is `https://amazon.com/auth/02/token`.
Amazon User Info URL	The URL that PingFederate uses to retrieve user data from Amazon. The default value is `https://api.amazon.com/user/profile`.
Scopes	The scopes that you want to request from Amazon. Separate scopes with a space. The default value is `profile`.
Amazon Sign-On Presentation	Determines how the adapter presents the Amazon sign-on form. Redirect (default) The adapter redirects the browser to the Amazon sign-on form. Pop-up window The adapter opens a new window with the Amazon sign-on form on a PingFederate template. Use this option if automatic redirects are blocked by your users' browsers. This setting has no effect when using the adapter through the PingFederate authentication API.
Amazon Pop-Up Template	The template file that presents the Amazon sign-on form. Applies only when Amazon Login Presentation is set to Pop-up window. The default value is `amazon-pop-up-template.html`.
Amazon Post-Auth Template	The template file that the adapter presents after the user signs on. Applies only when Amazon Login Presentation is set to Pop-up window. The default value is `amazon-post-auth-template.html`.
Amazon Messages File	The language-pack file associated with the Amazon pop-up template. The default value is `pingfederate-amazon-adapter-messages`.
Retry Request	Determines whether PingFederate will retry requests after it receives a response with a failure code. This check box is cleared by default.
Maximum Retries Limit	Determines how many times PingFederate retries a request. The default value is `5`.
Retry Error Codes	A list of response codes that should trigger a retry. Separate response codes with a comma. The default value is `403`.
API Request Timeout	The amount of time in milliseconds that PingFederate waits for Amazon to respond to requests. A value of `0` disables the timeout. The default value is `5000`.
Connection Timeout	The amount of time in milliseconds that PingFederate allows to establish a connection with Amazon. A value of 0 disables the timeout. The default value is `5000`.
Proxy Settings	Defines proxy settings for outbound HTTP requests. The default value is System Defaults.
Custom Proxy Host	The proxy server host name to use when Proxy Settings is set to Custom. This field is blank by default.
Custom Proxy Port	The proxy server port to use when Proxy Settings is set to Custom. This field is blank by default.

Amazon Authorization URL

The URL that PingFederate uses to send authentication requests to Amazon. If Amazon changes this endpoint, enter the new URL.

The default value is https://amazon.com/ap/oa.

Amazon Access Token URL

The URL that PingFederate uses to retrieve access tokens from Amazon. If Amazon changes this endpoint, enter the new URL.

The default value is https://amazon.com/auth/02/token.

Amazon User Info URL

The URL that PingFederate uses to retrieve user data from Amazon.

The default value is https://api.amazon.com/user/profile.

Scopes

The scopes that you want to request from Amazon. Separate scopes with a space.

The default value is profile.

Amazon Sign-On Presentation

Determines how the adapter presents the Amazon sign-on form.

Redirect (default): The adapter redirects the browser to the Amazon sign-on form.
Pop-up window: The adapter opens a new window with the Amazon sign-on form on a PingFederate template. Use this option if automatic redirects are blocked by your users' browsers.

This setting has no effect when using the adapter through the PingFederate authentication API.

Amazon Pop-Up Template

The template file that presents the Amazon sign-on form. Applies only when Amazon Login Presentation is set to Pop-up window.

The default value is amazon-pop-up-template.html.

Amazon Post-Auth Template

The template file that the adapter presents after the user signs on. Applies only when Amazon Login Presentation is set to Pop-up window.

The default value is amazon-post-auth-template.html.

Amazon Messages File

The language-pack file associated with the Amazon pop-up template.

The default value is pingfederate-amazon-adapter-messages.

Retry Request

Determines whether PingFederate will retry requests after it receives a response with a failure code.

This check box is cleared by default.

Maximum Retries Limit

Determines how many times PingFederate retries a request.

The default value is 5.

Retry Error Codes

A list of response codes that should trigger a retry. Separate response codes with a comma.

The default value is 403.

API Request Timeout

The amount of time in milliseconds that PingFederate waits for Amazon to respond to requests. A value of 0 disables the timeout.

The default value is 5000.

Connection Timeout

The amount of time in milliseconds that PingFederate allows to establish a connection with Amazon. A value of 0 disables the timeout.

The default value is 5000.

Proxy Settings

Defines proxy settings for outbound HTTP requests.

The default value is System Defaults.

Custom Proxy Host

The proxy server host name to use when Proxy Settings is set to Custom.

This field is blank by default.

Custom Proxy Port

The proxy server port to use when Proxy Settings is set to Custom.

This field is blank by default.