Java Integration Kit

Using separate IdP and SP servers

This configuration requires some familiarity with PingFederate and SSL certificate management.

You may also choose to deploy the data.zip archive on separate PingFederate servers functioning as in a specific identity-federation role. To do this, deploy the archive on each server, and then deactivate the identity provider (IdP) federation role on one server and the service provider (SP) role on the other.

You will then need to change the Base URL on the General Info screens for each connection to the respective partner’s host and port (to update SSO/SLO partner protocol endpoints).

Finally, you may need to install and exchange new SSL server certificates on each server to re-establish trust between them.