---
title: Using the administrative API to disable SSO
description: If basic authorization wasn't disabled, use the admin application programming interface (API) to disable single sign-on (SSO).
component: pingaccess
version: 9.0
page_id: pingaccess:troubleshooting:pa_using_the_admin_api_to_disable_sso
canonical_url: https://docs.pingidentity.com/pingaccess/9.0/troubleshooting/pa_using_the_admin_api_to_disable_sso.html
revdate: June 21, 2023
section_ids:
  steps: Steps
  example: Example:
  result: Result
---

# Using the administrative API to disable SSO

If basic authorization wasn't disabled, use the admin application programming interface (API) *(tooltip: \<div class="paragraph">
\<p>A specification of interactions available for building software to access an application or service.\</p>
\</div>)* to disable single sign-on (SSO) *(tooltip: \<div class="paragraph">
\<p>The process of authenticating an identity (signing on) at one website (usually with a user ID and password) and then accessing resources secured by other domains without reauthenticating.\</p>
\</div>)*.

## Steps

1. Sign on to the local PingAccess system and start a non-Internet Explorer (IE) browser.

2. Sign on to the API doc page at https\://*\<host>*:*\<admin-port>*/pa-admin-api/v3/api-docs/.

   ### Example:

   https\://localhost:9000/pa-admin-api/v3/api-docs/

   Use the normal administrator username, `Administrator`, and your password.

3. Click and expand the **Auth** section, then expand **PUT /auth/oidc**.

4. Enter the following code:

   ```json
   {
   "enabled": false
   }
   ```

5. Click **Try it Out**.

## Result

You can sign on normally and reconfigure SSO for the admin API from **Settings → Admin UI Authentication → Authentication Method**.