--- title: Customizable user-facing pages description: PingFederate supplies HTML templates, located in the /pingfederate/server/default/conf/template directory, to provide information to the end-users or to request user input when processing their requests. component: pingfederate version: 13.0 page_id: pingfederate:administrators_reference_guide:pf_custom_user_facing_pages canonical_url: https://docs.pingidentity.com/pingfederate/13.0/administrators_reference_guide/pf_custom_user_facing_pages.html revdate: January 28, 2026 section_ids: strict-content-security-policy-for-html-templates: Strict content security policy for HTML templates related-links: Related links --- # Customizable user-facing pages PingFederate supplies HTML templates, located in the `/pingfederate/server/default/conf/template` directory, to provide information to the end-users or to request user input when processing their requests. The PingFederate HTML templates use the Velocity template engine, an open-source Apache project. Learn more about Velocity in the [Velocity project documentation](https://velocity.apache.org/). You can modify most of these pages in a text editor to suit the branding and informational needs for your PingFederate installation. CSS and images for these pages are included in the `template/assets` subdirectory. Each page contains both Velocity constructs and standard HTML. The Velocity engine interprets the commands embedded in the template page before the HTML is rendered in the user's browser. At runtime, PingFederate supplies values for the Velocity variables used in the template. | | | | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | You can develop and deploy your own tools using the Velocity tools framework. For a full list of available tools, see [Tools Usage Summary](https://velocity.apache.org/tools/3.1/tools-summary.html) in the Apache Velocity documentation. | Each template contains specific variables that can be used for rendering the associated web page. You can see the variables and usage examples in the comments of each template. The following table describes variables that are available across all templates: | Variable | Description and Usage | | ------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | *utils*- utility class | The utility method to display JSON String arrays. `$utils.toJsonArray(Collection)` - Use this method to convert a collection into a JSON string. | | *$escape* | A utility class that can be used to escape String variables inserted into the template, such as `$escape.escape($clientName)` where *$clientName* is one of the variables available in the `oauth.approval.page.template.html` template file.Use `$escape.forJavaScript($variable)` when passing String variables into a JavaScript code block or an event handler within a template, such as `window.location.replace("$escape.forJavaScript($wreply)")` in the `sourceid-wsfed-idp-signout-cleanup-template.html` template file. Use the $escape variable to escape external data, such as request parameters, to mitigate the risk of potential cross-site scripting (XSS) attacks. | | *$HttpServletRequest* | A Java object instance of `javax.servlet.http.HttpServletRequest`. Used to add additional knowledge about the request that is otherwise unavailable in the template, such as the *User-Agent* HTTP header. | | *$HttpServletResponse* | A Java object instance of `javax.servlet.http.HttpServletResponse`. Used to modify the response in the template, such as setting additional browser cookies. | | *$locale* | A Java object instance of `java.util.Locale` that represents a user's country and language. Used to customize the end-user experience. For example, the locale is used to display content in the user's preferred language. | | *$CurrentPingFedBaseURL* | The host name found in the request, provided that it matches either the PingFederate's base URL or one of the configured virtual host names. | | *$PingFedBaseURL* | The PingFederate base URL.For most deployments, use the *$CurrentPingFedBaseURL*variable instead of the *$PingFedBaseURL* variable. | | *$templateMessages* | Used to localize messages in the template, based on user's Locale, an instance of `com.pingidentity.sdk.locale.LanguagePackMessages`. For more information, see the Javadoc for the `LanguagePackMessages` class in the directory `/pingfederate/sdk/doc`. | | *$TrackingId* | The user's session tracking ID. | The following describes variables that are available on some templates. | Variable | Description | | --------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | *$entityId* | The entity ID (connection ID) of the SP connection used in this SSO transaction. | | *$connectionName* | The name of the SP Connection used in this SSO transaction. | | *$client\_id* | The ID of the OAuth *(tooltip: \
\

A standard framework that enables an application (OAuth client) to obtain access tokens from an OAuth authorization server for the purpose of retrieving protected resources on a resource server.\

\
)* client used in this transaction. | | *$clientName* | The name of the OAuth client used in this transaction. | | *$spAdapterId* | The SP Adapter ID used in this transaction. | | *$baseUrl* | The base URL of the PingFederate instance. | | *$adapterId* | The IdP Adapter ID used in this transaction. | | *$oidcUiLocales* | The value of the OpenID Connect `ui_locales` parameter that conveys the user's preferred languages and scripts for the user interface. | | *$extendedProperties* | The extended properties defined on either the connection or OAuth client. | | *$userAttributes* | The user's display name, email address, and other user-specific data retrieved from the template type used in this transaction. The $userAttributes variable represents the attributes associated with a user's identity and enables the retrieval of user-specific information across templates.In Local Identity Profile (LIP)-related templates, the attribute names of *$userAttributes* are derived from the data store mapping configured in **Authentication > Policies > Local Identity Profiles > Data Store Configuration > Data Store Mapping**. For example, *userAttributes.email* is an attribute in this context.In Adapter-related templates, the attribute names of *$userAttributes* are based on the configured contract in the LDAP-type password credential validator (PCV) *(tooltip: \
\

Configures a centralized location for user credential validation. The validator instances can then be referenced by PingFederate.\

\
)*. For non-LDAP PCVs, the attribute names are derived from the implementation of the SDK method, `ResettablePasswordCredential.findUser()`. The following attributes are commonly used:- *userAttributes.userName* - *userAttributes.givenName* - *userAttributes.mail* - *userAttributes.phone* - *userAttributes.pingid* - *userAttributes.mailVerified* | | *$grantAttributes* | The attributes of the grant used in this transaction. | | | | | - | -------------------------------------------------------- | | | Changing Velocity or JavaScript code is not recommended. | At runtime, the user's browser is directed to the appropriate page, depending on the operation being performed and where the related condition occurs. For example, if a single sign-on (SSO) error occurs during identity provider (IdP)-initiated SSO, the user's browser is directed to the IdP's SSO error-handling page. Applications can override the PingFederate server-hosted pages provided specifically for SSO and single logout (SLO) errors by specifying a URL value in the relevant application endpoint's `InErrorResource` parameter. Administrators can override SSO and SLO success pages by specifying default URLs on the **SP Default URLs** window (**Applications > Integration > SP Default URLs**) or the **IdP Default URL** window (**Authentication > Integration > IdP Default URL**). The Velocity templates retrieve titles and other text from a message-property file, `pingfederate-messages.properties`, located in the `/pingfederate/server/default/conf/language-packs` directory. You can also localize these messages using the PingFederate localization framework. | | | | - | ------------------------------------------------------------------------------------------------------------- | | | If you have a clustered PingFederate environment, copy the customized, and localized, templates to each node. | ## Strict content security policy for HTML templates Content security policy (CSP) is a security feature that protects against cross-site scripting (XSS) attacks by controlling what resources a web page can load. When creating customizable user-facing pages, ensure that your HTML templates follow a strict CSP to prevent the execution of any unsafe or unauthorized scripts and resources on the user's browser. For more information, see [Content Security Policy (CSP)](https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSP) in the Mozilla developer documentation. PingFederate enforces a CSP on its HTML templates through the `` HTML element. The CSP configured though this element varies depending on the template and the use-cases it supports. You can modify the CSP to work with your template customizations and security requirements. The `$CSPNonce` Velocity variable is available on all templates, and you can use this variable to allow inline scripts and styles by including the nonce in `