Enabling PingFederate roles and protocols - PingAccess - 7.3


PingAccess 7.3

If you are using PingFederate 10.0 or earlier, ensure that PingFederate is configured to respond to OAuthOAuth A standard framework that enables an application (OAuth client) to obtain access tokens from an OAuth authorization server for the purpose of retrieving protected resources on a resource server. and OpenID Connect (OIDC)OpenID Connect (OIDC)OIDC An authentication protocol built on top of OAuth that authenticates users and enables clients (relying parties) of all types to request and receive information about authenticated sessions and users. OIDC is extensible, allowing clients to use optional features such as encryption of identity data, discovery of OpenID Providers (OAuth authorization servers), and session management.requests.

For more information on PingFederate roles and protocols, see Choose roles and protocols.

  1. In the PingFederate administrative console, go to System > Server > Protocol Settings.
  2. Click Roles & Protocols and verify that the following items are selected. Click Next.
    • Enable OAuth 2.0 Authorization Server as Role (role) and OpenID Connect (protocol)
    • Enable Identity Provider (IdP) Role and Support the Following: (role) and SAML 2.0 (protocol)
  3. On the Federation Info tab, enter the URL of your PingFederate environment and your SAMLSAML (Security Assertion Markup Language) A standard, XML-based, message-exchange framework enabling the secure transmittal of authentication tokens and other user attributes across domains. 2.0 entity ID, then click Next.

    For example:

    • Base URL: https://mypingfedserver:9031
    • SAML 2.0 Entity ID: https://mypingfedserver/idp
  4. Review the summary. Click Save.
Create a password credential validator.