Configuring PingAccess for server-side session management
Configure PingAccess to enable server-side session management.
Steps
-
Sign on to the PingAccess administrative console.
-
Click Access and then go to Web Sessions → Web Sessions.
-
In PingAccess, go to Access → Web Sessions, click the Expand icon to view more details about the web session associated with your API application, then click the Pencil icon.
-
-
Click either Create a new web session or Edit an existing web session.
-
Enter a unique Name for the web session, up to 64 characters, including special characters and spaces.
-
Specify the Audience that the PingAccess token is applicable to, represented as a short, unique identifier between 1 and 32 characters.
Requests are rejected that contain a PingAccess token with an audience that differs from what is configured in the web session associated with the target application. Changing this setting might affect existing ongoing sessions, forcing the user to re-authenticate to access protected resources.
-
In the Client ID field, enter the Client ID defined in PingFederate.
-
In the Client Credentials Type section, select Secret, and then enter the Client Secret associated with the specified Client ID.
-
Click Show Advanced.
-
To enable the server-side session management feature, select Validate Session.
-
Click Save.