PingAccess

Using the administrative API and a new token to disable SSO

If basic authorization is disabled but administrative application programming interface (API) OAuth is enabled, you can also use the administrative API to disable single sign-on (SSO).

Steps

  1. Retrieve a valid token for admin API OAuth from your token provider.

  2. Submit a PUT request to https://pa-host/pa-admin-api/api version/auth/oidc with the valid access token, where pa-host is the hostname:port for the PingAccess admin node and api-version is the API version (v3 on PingAccess 5.0 or later, and v2 on 4.X).

    The request body must contain:

    {
     "enabled": false,
    }

Result

You can sign on normally and reconfigure the SSO from Settings → Admin UI Authentication → Authentication Method.