PingFederate Server

Configuring protocol settings

The Protocol Settings tab on the Browser SSO window provides the launching point for configuring partner endpoints, message customizations, and other protocol-specific settings for browser-based single sign-on (SSO) connections.

About this task

The settings available on the Protocol Settings tab depend on the connection’s protocol. The availability of the settings also depends on the connection’s other previously configured settings.

SAML 2.0
  • Outbound SSO bindings (POST, redirect, artifact) and the corresponding SSO service URLs

  • Outbound single logout (SLO) bindings (POST, redirect, artifact, SOAP) and the corresponding protocol endpoints

  • Inbound bindings (POST, redirect, artifact, SOAP)

  • Artifact lifetime

  • Artifact resolution location

  • Default target URL

  • Authentication context mappings

  • Signature policy

  • Encryption policy

SAML 1.x
  • Outbound SSO service URL, also known as the Intersite Transfer Service, if the service provider (SP)-Initiated SSO profile is enabled

  • Inbound bindings (POST, artifact)

  • Artifact resolution location

  • Default target URL

  • Signature policy

WS-Federation
  • Protocol endpoint

  • Default target URL

  • Signature policy

OpenID Connect
  • The scopes PingFederate sends to the OpenID provider (OP) in its authorization and token requests

  • The OpenID Connect login type and authentication scheme used by PingFederate when communicating with the OP

  • The authorization endpoint, the token endpoint, the user information, UserInfo, endpoint, and the JWKS URL

  • Default target URL

  • Authentication context mappings

To start configuring the connection’s protocol setting:

Steps

  1. On the Protocol Settings tab, click Configure Protocol Settings.

    Result:

    The Protocol Settings window opens.

  2. Use the window’s tabs to continue configuring the connection’s protocol settings.