Configure CIMD settings

On the CIMD Settings page, configure the global behavior for all Client ID Metadata Document (CIMD) clients.

Steps

In the PingFederate admin console, go to System > OAuth Settings > CIMD Settings.
Select the Enable CIMD checkbox to allow PingFederate to process CIMD requests.
Configure the Cache Settings and Connection Settings sections.

Refer to the following tables for field information.
Click Save.

Before using CIMD, PingFederate must be configured with an external OAuth client storage.

Use the Cache Settings section to control how long PingFederate can cache CIMD clients and their retrieved metadata.

Field Description

Field	Description
Minimum Lifetime (seconds)	The minimum amount of time that PingFederate caches a CIMD client and its metadata, in seconds. + Use this setting to prevent frequent metadata retrieval when metadata documents specify very short cache lifetimes. + A valid value is an integer between `0` and `86400`.
Maximum Lifetime (seconds)	The maximum amount of time that PingFederate caches a CIMD client and its metadata, in seconds. + Use this setting to limit how long PingFederate can retain CIMD client data when metadata documents specify long cache lifetimes. + A valid value is an integer between `1` and `86400`.

Minimum Lifetime (seconds)

The minimum amount of time that PingFederate caches a CIMD client and its metadata, in seconds.

+ Use this setting to prevent frequent metadata retrieval when metadata documents specify very short cache lifetimes.

+ A valid value is an integer between 0 and 86400.

Maximum Lifetime (seconds)

The maximum amount of time that PingFederate caches a CIMD client and its metadata, in seconds.

+ Use this setting to limit how long PingFederate can retain CIMD client data when metadata documents specify long cache lifetimes.

+ A valid value is an integer between 1 and 86400.

Use the Connection Settings section to control how PingFederate retrieves client metadata documents.

Review these settings carefully to protect PingFederate from excessive outbound metadata retrieval activity.

Field Description

Field	Description
Request Timeout (seconds)	The maximum amount of time that PingFederate waits to establish a connection when retrieving a client metadata document. + A valid value is an integer between `1` and `30`.
Read Timeout (seconds)	The maximum amount of time that PingFederate waits to read the metadata response after the connection is established. + A valid value is an integer between `1` and `120`.
Maximum Retry Attempts	The maximum number of retry attempts that PingFederate makes when retrieving a client metadata document. + Use a low value unless your deployment requires additional resilience for temporary network failures. + A valid value is an integer between `0` and `5`.
Maximum Response Size (bytes)	The maximum allowed size of a retrieved client metadata document, in bytes. + Use this setting to prevent PingFederate from processing unexpectedly large metadata responses. + A valid value is an integer between `1` and `65536`.

Request Timeout (seconds)

The maximum amount of time that PingFederate waits to establish a connection when retrieving a client metadata document.

+ A valid value is an integer between 1 and 30.

Read Timeout (seconds)

The maximum amount of time that PingFederate waits to read the metadata response after the connection is established.

+ A valid value is an integer between 1 and 120.

Maximum Retry Attempts

The maximum number of retry attempts that PingFederate makes when retrieving a client metadata document.

+ Use a low value unless your deployment requires additional resilience for temporary network failures.

+ A valid value is an integer between 0 and 5.

Maximum Response Size (bytes)

The maximum allowed size of a retrieved client metadata document, in bytes.

+ Use this setting to prevent PingFederate from processing unexpectedly large metadata responses.

+ A valid value is an integer between 1 and 65536.

PingFederate applies the CIMD settings globally to all CIMD requests and clients.