This information identifies your federation deployment to your partners, according to the protocol(s) you support.
You must provide an ID that uniquely identifies your federation gateway for each protocol you support. For WS-Trust STS, IDs are required for both SAML 2.0 and SAML 1.x, regardless of browser-based SSO protocol support or the type of token expected to be issued, to ensure that the STS will perform correctly under all conditions.
Each ID normally applies across all connection partners for a given protocol; however, if your implementation requires different IDs for the same protocol, you can use virtual server IDs (see Federation planning checklist).
- Go to the screen.
Provide the required information.
For more information, refer to the following table.
Field Description Base URL The fully qualified host name, port, and path (if applicable) on which the PingFederate server runs. This field is used to populate configuration settings in metadata files (see Metadata export). SAML 2.0 Entity ID This ID defines your organization as the entity operating the server for SAML 2.0 transactions. It is usually defined as an organization's URL or a DNS address; for example:
pingidentity.com. The SAML SourceID used for artifact resolution is derived from this ID using SHA1.
SAML 1.x Issuer/Audience This ID identifies your federation server for SAML 1.x transactions. As with SAML 2.0, it is usually defined as an organization's URL or a DNS address. The SourceID used for artifact resolution is derived from this ID using SHA1. SAML 1.x Source ID (Optional) If supplied, the Source ID value entered here is used for SAML 1.x, instead of being derived from the SAML 1.x Issuer/Audience. WS-Federation Realm The URI of the realm associated with the PingFederate server. A realm represents a single unit of security administration or trust.
The fields available on this screen depend on the federation protocols enabled on your server (see Choosing roles and protocols).
Click Next and continue with the rest of the
When editing an existing configuration, you may also click Save as soon as the administrative console offers the opportunity to do so.