---
title: Enabling PingFederate roles and protocols
description: If you're using PingFederate 10.0 or earlier, ensure that PingFederate is configured to respond to OAuth and OpenID Connect (OIDC) requests.
component: pingaccess
version: 9.0
page_id: pingaccess:token_providers:pa_enabling_pf_roles_and_protocols
canonical_url: https://docs.pingidentity.com/pingaccess/9.0/token_providers/pa_enabling_pf_roles_and_protocols.html
revdate: July 25, 2025
section_ids:
  about-this-task: About this task
  steps: Steps
  example: Example:
  next-steps: Next steps
---

# Enabling PingFederate roles and protocols

If you're using PingFederate 10.0 or earlier, ensure that PingFederate is configured to respond to OAuth *(tooltip: \<div class="paragraph">
\<p>A standard framework that enables an application (OAuth client) to obtain access tokens from an OAuth authorization server for the purpose of retrieving protected resources on a resource server.\</p>
\</div>)* and OpenID Connect (OIDC) *(tooltip: \<div class="paragraph">
\<p>An authentication protocol built on top of OAuth that authenticates users and enables clients (relying parties) of all types to request and receive information about authenticated sessions and users. OIDC is extensible, allowing clients to use optional features such as encryption of identity data, discovery of OpenID Providers (OAuth authorization servers), and session management.\</p>
\</div>)* requests.

## About this task

You can find more information on PingFederate roles and protocols in [Choose roles and protocols](https://cdn-docs.pingidentity.com/archive/pdf/pingfederate/pingfederate-100.pdf#page=138).

## Steps

1. In the PingFederate administrative console, go to **System > Server > Protocol Settings**.

2. Click **Roles & Protocols** and verify that the following items are selected. Click **Next**.

   * **Enable OAuth 2.0 Authorization Server as Role** (role) and **OpenID Connect** (protocol)

   * **Enable Identity Provider (IdP) Role and Support the Following:** (role) and **SAML 2.0** (protocol)

3. On the **Federation Info** tab, enter the URL of your PingFederate environment and your Security Assertion Markup Language (SAML) *(tooltip: \<div class="paragraph">
   \<p>A standard, XML-based, message-exchange framework enabling the secure transmittal of authentication tokens and other user attributes across domains.\</p>
   \</div>)* 2.0 entity ID, then click **Next**.

   ### Example:

   * **Base URL**: `https://mypingfedserver:9031`

   * **SAML 2.0 Entity ID**: `https://mypingfedserver/idp`

4. Review the summary. Click **Save**.

## Next steps

[Create a password credential validator](pa_creating_a_password_credential_validator.html).