Managing token processors
The PingFederate Security Token Service (STS) uses token processors to validate incoming tokens and token requests.
About this task
You must configure at least one processor in order to set up an STS connection or a token-to-token mapping.
For more information about WS-Trust, see Web services standards.
PingFederate comes bundled with the following token processors:
-
JWT Token Processor
-
Kerberos Token Processor
-
OAuth Bear Token Processor
-
SAML 1.1 Token Processor
-
SAML 2.0 Token Processor
-
Username Token Processor
You can deploy additional token translators from Ping Identity website.
Steps
-
Go to Authentication → Token Exchange → Token Processors.
-
In the Token Processors window, choose from the following options.
Option Description Configure a new instance
Click Create New Instance
Modify an existing instance
Click the name of instance in the Instance Name column
View the usage of an existing instance
Click Check Usage in the Action column on the instance’s row
Remove an existing instance
Click Delete in the Action column on the instance’s row
By default, PingFederate automatically checks multi-connection errors whenever you access this window. This verifies that configured connections are not adversely affected by changes made here.
If you experience noticeable delays in accessing this window, you can disable automatic connection validation. Go to System → Server → General Settings.