If your PingAccess deployment is upgraded from version 5.2 or earlier with an
existing token provider configuration, and you have not configured a token provider using
the /pingfederate/runtime
API endpoint, use this workflow to configure a
PingFederate runtime.
Before configuring a secure connection to the PingFederate runtime, export the PingFederate certificate and import it into a trusted certificate group in PingAccess. Perform the following steps:
- In PingFederate, export the certificate active for the Runtime Server. For more information, see SSL Server Certificates in the PingFederate Administrator's Manual.
- Import the certificate into PingAccess.
- Create a Trusted Certificate Group if one does not already exist.
- Add the certificate to a Trusted Certificate Group.
For information on setting up PingFederate as an OAuth authorization server, see Enabling the OAuth AS and Authorization Server Settings.
After you save the PingFederate runtime connection, PingAccess will test the connection to PingFederate. If the connection cannot be made, a warning will display in the admin interface, and the PingFederate runtime will not save.
After you configure the token provider, click View Metadata to display the metadata provided by the token provider. To update the metadata, click Refresh Metadata.