Configuring PingFederate for session management
Configure PingFederate to revoke PingAccess session cookies.
Steps
-
Sign on to the PingFederate Administrative Console
-
If you are using PingFederate 10.0 or earlier, go to Server Configuration → Server → Protocol settings → Roles & Protocols and ensure that Enable OAuth 2.0 Authorization Server (AS) role and OpenID Connect are enabled.
-
Go to System → OAuth Settings → Authorization Server Settings and configure the authorization server settings.
-
Go to the client management section.
Choose from:
-
If you are using PingFederate 10.0 or earlier, go to System → OAuth Settings → Client Management.
-
If you are using PingFederate 10.1 or later, go to Applications → OAuth → Clients.
-
-
Create or modify an existing client.
-
Ensure that Client Secret is enabled, and then enter a client secret to be used by PingAccess for authentication.
-
Grant access to the Session Revocation API.
Choose from:
-
If you are using PingFederate 10.0 or earlier, in the OpenID Connect section of the client’s configuration page, enable Grant Access to Session Revocation API.
-
If you are using PingFederate 10.1 or later, beside Session API Endpoints, select Allow Access to Session Revocation API.
This setting is the main setting that enables the server-side session management feature in PingFederate.
-
-
Click Save to save your changes.