Configuring the token provider
Establish communication with the token provider, PingFederate.
About this task
For more information, see Manage Token Provider.
Steps
- Click Settings and then go to System → Token Provider → PingFederate → Runtime.
- In the Issuer field, enter the PingFederate issuer URI.
- From the Trusted Certificate Group list, select the PingFed certificate group.
- Click Save.
- Click Settings and then go to System → Token Provider → PingFederate → Administration.
- In the Host field, enter the host name or Internet Protocol (IP) address for the PingFederate Admin. For example, mypingfedserver.
- In the Port field, enter the port number for the PingFederate Admin. For example, 9999.
- In the Admin Username field, enter the username. This username only requires auditor (read only) permissions in PingFederate.
- In the Admin Password field, enter the password.
- From the Secure list, select Secure.
- From the Trusted Certificate Group list, select the PingFed certificate group.
- Click Save.
- Click Settings and then go to System → Token Provider → PingFederate → OAuth Resource Server.
- In the Client ID field, enter the OAuth Client ID you defined when creating the PingAccess OAuth client in PingFederate. For example, pa_rs.
- In the Client Credentials Type section, select Secret, then enter the Client Secret assigned when you created the PingAccess OAuth client in PingFederate.
- In the Subject Attribute Name field, enter the attribute you want to use from the OAuth access token as the subject for auditing purposes. For example, username.
- Click Save.
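A pre-save check for the value entered in the Issuer field, as an added example that is not part of the original page or Ping Identity's code. It assumes the issuer publishes OpenID Connect discovery metadata and compares the entered value with that document. The metadata sample, port 9031 and the function name check_issuer are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Constructed sample of the metadata an issuer serves at
# <issuer>/.well-known/openid-configuration (host and port are placeholders).
SAMPLE_METADATA = json.loads("""
{
  "issuer": "https://mypingfedserver:9031",
  "authorization_endpoint": "https://mypingfedserver:9031/as/authorization.oauth2",
  "token_endpoint": "https://mypingfedserver:9031/as/token.oauth2",
  "jwks_uri": "https://mypingfedserver:9031/pf/JWKS"
}
""")


def check_issuer(issuer_field, metadata):
    """Return a list of problems; an empty list means the value is consistent."""
    problems = []
    entered = urlsplit(issuer_field)
    if entered.scheme != "https":
        problems.append("issuer must use https")
    if entered.query or entered.fragment:
        problems.append("issuer must not carry a query or fragment")
    # OpenID Connect Discovery requires the published issuer to be identical
    # to the issuer URL the metadata was fetched for (exact string match).
    published = metadata.get("issuer")
    if published != issuer_field:
        problems.append(f"published issuer {published!r} differs from entered value")
    # Endpoints over http or on another host deserve a look before saving.
    for name, value in metadata.items():
        if not name.endswith("_endpoint") and name != "jwks_uri":
            continue
        url = urlsplit(str(value))
        if url.scheme != "https":
            problems.append(f"{name} is not https")
        if url.netloc != entered.netloc:
            problems.append(f"{name} is served from {url.netloc}, not {entered.netloc}")
    return problems


if __name__ == "__main__":
    for candidate in ("https://mypingfedserver:9031", "https://mypingfedserver:9031/"):
        print(candidate, "->", check_issuer(candidate, SAMPLE_METADATA) or "ok")
```

A trailing slash or a different scheme fails the exact-match comparison, so this catches a mistyped issuer before it is saved.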
Next steps
You can configure PingAccess to Protect a web application.