Identity provider SSO configuration
Identity providers (IdP) can use the PingFederate administrative console to configure local application-integration information and to manage connections to service provider (SP)-partner sites.
You only need one connection per partner, even if you are targeting more than one web application at the destination SP site.
While your entity ID is defined on the Federation Info tab of the Protocol Settings window, you can identify your organization differently using virtual server IDs on a per-connection basis. For more information, see Multiple virtual server IDs.
You can deploy an SP connection to bridge a service provider to one or more identity providers through authentication policy contracts. For more information, see Federation hub use cases.
This topic applies to configuration settings needed for browser-based single sign-on (SSO). If you are using PingFederate exclusively as a security token service (STS), start with WS-Trust STS configuration. |