PingFederate SSO Directory Service allows applications to retrieve configuration data from a runtime PingFederate server. (A PingFederate server in a cluster configured as an administrative console does not support this web service.) This service allows web applications to avoid storing and maintaining the data locally. These types of data can be retrieved:

  • A list of IdP partners
  • A list of SP partners
  • A list of IdP adapter instances
  • A list of SP adapter instances

The SSO Directory Service provides information useful for integrating an application with a PingFederate server. It is a way for the application to find out dynamically which partners can be used for SSO. This means applications need not be modified when new partners are configured in PingFederate.

The WAR file for this module, pf-ws.war, is located in the pingfederate/server/default/deploy directory.

Note:

If you do not want to allow use of the service, it should not be deployed: remove the WAR file from the deploy directory.

The service endpoint is: pf-ws/services/SSODirectoryService

The WSDL document describing this service can be retrieved from: /pf-ws/services/SSODirectoryService?wsdl

You can retrieve a list using any of the following methods:

  • getIDPList – Returns a list of active IdP connections configured for SP-initiated SSO. The list contains each IdP's connection ID and Connection Name
  • getSPList – Returns a list of active SP connections configured for IdP-initiated SSO. The list contains each SP's connection ID and Connection Name
    Note:

    For either IdP or SP lists, connection IDs are returned as values for the XML tag <entityId>. Connection Names are returned as values for the XML tag <company> (see SOAP request and response examples).

  • getAdapterInstanceList – Returns a list of SP adapter instances containing an ID and name.
  • getIdpAdapterInstanceList – Returns a list of IdP adapter instances containing an ID and name.
    Note:

    These methods do not require input parameters.

The service is also available over HTTP. The query string for retrieving any of the lists is: /pf-ws/services/SSODirectoryService?method=<method_name>