Using the administrative API and a new token to disable SSO
If basic authorization is disabled but administrative application programming interface (API) OAuth is enabled, you can also use the administrative API to disable single sign-on (SSO).
Steps
-
Retrieve a valid token for admin API OAuth from your token provider.
-
Submit a PUT request to
https://pa-host/pa-admin-api/api version/auth/oidc
with the valid access token, where pa-host is thehostname:port
for the PingAccess admin node and api-version is the API version (v3
on PingAccess 5.0 or later, andv2
on 4.X).The request body must contain:
{ "enabled": false, }
Result
You can sign on normally and reconfigure the SSO from Settings → Admin UI Authentication → Authentication Method.