Session state management

Session state management for authentication API adapters is no different than for regular adapters. The same mechanisms, such as SessionStateSupport and TransactionalStateSupport, are used to store and retrieve session attributes on behalf of a user.

It should not be necessary to store more state attributes just to support the authentication API. The same session attributes should cover both API and non-API requests.

You can also wrap an API-capable adapter in a PingFederate-managed authentication session. PingFederate-managed authentication sessions mean that many adapters no longer need to provide their own internal session tracking.

Developing authentication API-capable adapters and selectors

PingFederate Server

Session state management

Related links