Configuring PingFederate as a PingAccess token provider
To add PingAccess environments to PingCentral, PingFederate must be configured as the token provider. If you have PingFederate and PingAccess environments established, this configuration is likely in place.
About this task
To configure PingFederate as the token provider for PingAccess, the Issuer URL in PingAccess must either match the Base URL in PingFederate, or one of the virtual hosts defined in PingFederate.
Steps
-
To configure PingFederate as a PingAccess token provider, ensure the PingAccess Issuer URL and the PingFederate Base URL match.
If a virtual host is defined in PingFederate, continue to step 3.
-
To locate this information:
-
In PingFederate, to locate the Base URL field, go to System → Protocol Settings → Federation Info, as shown in the following example.
-
In PingAccess, to locate the Issuer URLfield, go to System → Token Provider.
In some versions of PingAccess, the Issuer URL might exist as separate Host and Port fields.
-
-
If a virtual host is defined in PingFederate, the PingAccess Issuer URL can reference that instead of Base URL. In PingFederate, to locate the virtual host, go the System → Virtual Host Names page and review the information in the Host Domain Name field.
Adding trusted CA certificates to PingCentral
For application owners to securely promote Security Assertion Markup Language (SAML) applications to PingFederate and PingAccess environments, trusted certificate authority (CA) certificates must be available in PingCentral.
Steps
-
To add a trusted certificate to PingCentral, select the Settings tab.
-
Expand the Security menu and select Trusted CA Certificates.
Result:
The Trusted CA Certificates page displays a list of the certificates currently available in PingCentral.
-
Click Add Certificate.
-
In the Add Certificate window, in the Alias field, enter a unique name for the certificate.
-
Click Choose File, select the certificate, and click Add to upload it.
Result:
The certificate displays in the list of trusted CA certificates.
-
Click the Expand icon for the certificate to view details.