Associating the PCV with an IdP adapter instance
To use your new password credential validator (PCV) instance, you must associate it with an identity provider (IdP) adapter.
Before you begin
Configure the Azure AD PCV with either the HTTP Basic or HTML Form IdP Adapter in PingFederate.
- HTML Basic Adapter
-
The HTTP Basic Adapter provides user authentication through a PCV to integrate PingFederate with local authentication mechanisms. Learn more in HTTP Basic Adapter.
- HTML Form Adapter
-
The HTML Form Adapter supports user authentication when it occurs outside of the PingFederate server through an application or the authentication module of an identity access management (IAM) system that leverages multiple user repositories and a PCV instance. Learn more in HTML Form Adapter.
|
You can find help with configuring the IdP adapter instance in the PingFederate documentation: |
Steps
-
In the PingFederate admin console, go to Authentication > IdP Adapters and select the configured HTTP Basic or HTML Form IdP adapter.
-
Configure the adapter to use the PCV you created previously:
-
On the IdP Adapter tab, go to the Credential Validators section and click Add a new row to 'Credential Validators'.
-
In the Password Credential Validator Instance list, select the PCV you created in Configuring a password credential validator instance.
Example:
-
-
(Optional) Extend the contract.
When extending the contract, ensure you add the attributes in your PCV configuration and SP Connection too.
If using PingFederate as the SP, you must extend the attributes in your SP Adapter and IdP Connection also.
-
Save the configuration.
Next steps
After associating the Azure AD Password Credential Validator with an IdP adapter instance, you can test the PCV’s connection to the Microsoft Graph API.
In the PingFederate admin console, go to Applications > SP Connection. Use the configured SP connection to initiate SSO.