PingAccess

Using the administrative API and a new token to disable SSO

If basic authorization is disabled but administrative application programming interface (API) OAuth is enabled, you can also use the administrative API to disable single sign-on (SSO).

Steps

  1. Retrieve a valid token for admin API OAuth from your token provider.

  2. Submit a PUT request to https://<pa-host>/pa-admin-api/<api version>/auth/oidc with the valid access token, where <pa-host> is the hostname:port for the PingAccess admin node and <api-version> is the API version (v3 on PingAccess 5.0 or later, and v2 on 4.X).

    The request body must contain:

    {
     "enabled": false,
    }

Result

You can sign on normally and reconfigure the SSO from Settings → Admin UI Authentication → Authentication Method.