• The following is an example access token validator configured on the PingDirectory Server for a PingFederate server:
    $ bin/dsconfig create-external-server \
      --server-name PingFederate \
      --type http \
      --set base-url:https://my-ping-federate-server:1443/
    $ bin/dsconfig create-access-token-validator \
      --validator-name "PingFederate Token Validator" \
      --type ping-federate \
      --set enabled:true \
      --set "identity-mapper:User ID Exact Match" \
      --set authorization-server:PingFederate \
      --set client-id:id \
      --set client-secret:secret
  • If more than one access token validator is configured on the PingDirectory Server, the Consent Service can be configured to use a single validator with the following command:
    $ bin/dsconfig set-http-servlet-extension-prop \
      --extension-name Consent \
      --set "access-token-validator:PingFederate Token Validator"