The PingFederate Security Token Service (STS) uses token generators to issue security tokens that can be consumed by web services at your site. You must configure at least one generator in order to set up an STS connection or a token-to-token mapping.

(For more information about WS-Trust, see Web services standards.)

PingFederate comes bundled with the SAML 1.1 Token Generator and SAML 2.0 Token Generator.

You can also deploy additional token translators from Ping Identity website (www.pingidentity.com/en/products/downloads.html).

You manage token generator instances on the Service Provider > Token Generators screen.

  • To configure a new instance, click Create New Instance.
  • To modify an existing instance, select it by its name under Instance Name.
  • To review the usage of an existing instance, click Check Usage under Action.
  • To remove an existing instance or to cancel the removal request, click Delete or Undelete under Action.
  • To retain any configuration changes, click Save.
  • To discard any configuration changes, click Cancel.
Note:

Automatic multi-connection error checking occurs by default whenever you access this screen. The intent is to verify that configured connections have not been adversely affected by changes made here.

If you experience noticeable delays in accessing this page, you can optionally disable automatic connection validation on the System > Server > General Settings page.

For simplicity, this topic focuses on configuring an instance of the SAML 1.1 or 2.0 Token Generator. For add-on token generators, please refer to the online documentation referenced in the download package.