Choosing IdP connection options

On the Connection Optionstab, shown only for browser-based single sign-on (SSO) connections, you can enable browser-based SSO in conjunction with Just-in-Time (JIT) provisioning. Additionally, you can also choose to map user attributes for persistent grants used by the optional PingFederate OAuth authorization server.

About this task

For SAML 2.0, you can configure the Attribute Query profile with or without the browser-based SSO.

Steps

On the Connection Options tab, make the appropriate selections for your configuration.

Choice	Action
Create a connection for browser-based SSO.	Select the Browser SSO check box.
Enable JIT provisioning, OAuth attribute mapping, or both.	Select the appropriate check box after selecting the Browser SSO check box.
Create a connection to facilitate the SAML 2.0 Attribute Query profile.	Select the Attribute Query check box. For more information, see Attribute Query and XASP

Choice

Action

Create a connection for browser-based SSO.

Select the Browser SSO check box.

Enable JIT provisioning, OAuth attribute mapping, or both.

Select the appropriate check box after selecting the Browser SSO check box.

Create a connection to facilitate the SAML 2.0 Attribute Query profile.

Select the Attribute Query check box. For more information, see Attribute Query and XASP

PingFederate Server

Choosing IdP connection options

About this task

Steps