PingAccess

Configuring PingFederate for session management

Configure PingFederate to revoke PingAccess session cookies.

Steps

  1. Sign on to the PingFederate Administrative Console

  2. If you are using PingFederate 10.0 or earlier, go to Server Configuration → Server → Protocol settings → Roles & Protocols and ensure that Enable OAuth 2.0 Authorization Server (AS) role and OpenID Connect are enabled.

  3. Go to System → OAuth Settings → Authorization Server Settings and configure the authorization server settings.

  4. Go to the client management section.

    Choose from:

    • If you are using PingFederate 10.0 or earlier, go to System → OAuth Settings → Client Management.

    • If you are using PingFederate 10.1 or later, go to Applications → OAuth → Clients.

  5. Create or modify an existing client.

  6. Ensure that Client Secret is enabled, and then enter a client secret to be used by PingAccess for authentication.

  7. Grant access to the Session Revocation API.

    Choose from:

    • If you are using PingFederate 10.0 or earlier, in the OpenID Connect section of the client’s configuration page, enable Grant Access to Session Revocation API.

    • If you are using PingFederate 10.1 or later, beside Session API Endpoints, select Allow Access to Session Revocation API.

      This setting is the main setting that enables the server-side session management feature in PingFederate.

  8. Click Save to save your changes.