Internet Information Services (IIS) Integration Kit

Internet Information Services (IIS) Integration Kit

The Internet Information Services (IIS) Integration Kit allows PingFederate to coordinate user authentication and single sign-on (SSO) between an IIS web application and an identity provider (IdP).

For new integrations, try the Agentless Integration Kit. It can integrate with a variety of platforms using a modern RESTful approach, and it doesn’t require you to integrate agent software into your application.

Components

OpenToken Adapter

Installed in PingFederate, this adapter uses the secure OpenToken standard to pass user attributes and session information from PingFederate to the OpenToken IIS Module on the IIS server.

OpenToken IIS Agent

Installed on the server running IIS, this program watches for protected resource requests and determines whether to grant access or redirect the user to PingFederate for authentication with an IdP.

OpenToken HTTP Module

Installed in IIS, this module reads OpenToken payloads from PingFederate that contain user attributes and session information.

Intended audience

This document is intended for PingFederate administrators and web application developers.

If you need help during the setup process, see the following sections of the PingFederate documentation:

System requirements

  • PingFederate 9.0 or later

  • IIS 7.0 or later using Integrated Mode

  • ASP .NET application with .NET Framework 4.0