If you are using PingFederate 10.0 or earlier, ensure that PingFederate is configured to respond to OAuth and OpenID Connect (OIDC) requests.

OAuth: A standard framework that enables an application (OAuth client) to obtain access tokens from an OAuth authorization server for the purpose of retrieving protected resources on a resource server.

OpenID Connect (OIDC): An authentication protocol built on top of OAuth that authenticates users and enables clients (relying parties) of all types to request and receive information about authenticated sessions and users. OIDC is extensible, allowing clients to use optional features such as encryption of identity data, discovery of OpenID Providers (OAuth authorization servers), and session management.

For more information on PingFederate roles and protocols, see Choose roles and protocols.
- In the PingFederate administrative console, go to .
- Click Roles & Protocols and verify that the following items are selected. Click Next.
  - Enable OAuth 2.0 Authorization Server (AS) Role (role) and OpenID Connect (protocol)
  - Enable Identity Provider (IdP) Role and Support the Following: (role) and SAML 2.0 (protocol)
- On the Federation Info tab, enter the URL of your PingFederate environment and your SAML 2.0 entity ID, then click Next.
  SAML (Security Assertion Markup Language): A standard, XML-based, message-exchange framework enabling the secure transmittal of authentication tokens and other user attributes across domains.
  For example:
  - Base URL: https://mypingfedserver:9031
  - SAML 2.0 Entity ID: https://mypingfedserver/idp
- Review the summary. Click Save.