PingCentral supports OAuth resource server functionality by validating provided bearer tokens when accessing the Admin API. Only signed JSON web token (JWT) tokens are supported in this release, so a JSON Web Key Set ( JWKS) endpoint is required to obtain the public keys for signature validation.
If you are using PingFederate 10.1 or later, you can enable the centralized signing key functionality. Additional configuration isn't required in PingCentral to access the centralized JWKS endpoint.
If the access token manager has been configured with an explicit JWKS endpoint path, you must also specify this path in PingCentral.
In PingFederate, this endpoint is exposed as https://<pf_host>:<port>/ext/<JWKS Endpoint Path>.