--- title: Configuring authentication applications description: You can let highly-trusted authentication applications employ the PingFederate Authentication API. component: pingfederate version: 13.1 page_id: pingfederate:administrators_reference_guide:help_authenticationapplicationtasklet_authenticationapplicationstate canonical_url: https://docs.pingidentity.com/pingfederate/13.1/administrators_reference_guide/help_authenticationapplicationtasklet_authenticationapplicationstate.html llms_txt: https://docs.pingidentity.com/pingfederate/llms.txt docs_for_agents: https://developer.pingidentity.com/build-with-ai/docs-for-agents.md revdate: July 8, 2024 section_ids: about-this-task: About this task steps: Steps choose-from: Choose from: --- # Configuring authentication applications You can let highly-trusted authentication applications employ the PingFederate Authentication API. ## About this task The following procedure describes how to use the **Authentication Application** window to integrate an authentication application with PingFederate. ![The Authentication Application window in PingFederate](_images/aez1636148233034.png) ## Steps 1. Go to **Authentication > Integration > Authentication API Applications**. ### Choose from: * To integrate a new application, click **Add Authentication Application**. * To modify an existing application's settings, click the **Application Name**. 2. Provide information for each field. For more information, see the following table. | Field | Description | | -------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | **Name** | The name of the authentication application. | | **Description** | An optional description of the authentication application. | | **URL** | The URL of the authentication application. | | **Additional Allowed Origins** | Enter any number of trusted origins to enable cross-origin resource sharing (CORS) support for the authentication API endpoint.Once configured, client-side web applications from the trusted origins are allowed to make requests to the PingFederate authentication API endpoint. For more information about CORS, see .spec.whatwg.org///\[W3C's recommendation on Cross-Origin Resource Sharing].The following list includes example origin formats and their expected behaviors:- `https://www.example.com` CORS requests originating from are allowed. - `https://www.example.com:8080` CORS requests originating from are allowed. - `https://www.example.com:*` CORS requests originating from :*\* are allowed. Given this sample entry, a port number is required in the Origin request header. Although using the wildcard character provides the convenience of allowing multiple origins with one entry, we recommend adding individual origins to limit CORS requests to a list of trusted hosts.Click **Add** to save an entered origin. Repeat to add multiple origins. | | **Allow Redirectless Mode** | To allow the authentication application to use redirectless mode with a specified OAuth client, select this checkbox. Then select a **Client for Redirectless Mode**.This checkbox is not selected by default. It is visible only if the **Restrict Access to Redirectless Mode** checkbox on the **Authentication API Applications** window is selected. For more information, see [Managing authentication applications](help_authenticationapplicationstasklet_authenticationapplicationsstate.html). | | **Client for Redirectless Mode** | Select the OAuth client that will use this authentication application in redirectless mode. The client must allow authentication API redirectless mode. For more information, see [Configuring OAuth clients](pf_configuring_oauth_clients.html).This field is visible only if the **Allow Redirectless Mode** checkbox is selected. | 3. To keep your configuration, click **Save** to or click **Cancel** to discard any changes made.