Connection types - PingFederate

Connection types - PingFederate - 10.0

PingFederate Server

bundle

pingfederate-100

ft:publication_title

PingFederate Server

Product_Version_ce

PingFederate 10.0

category

Product

pf-100

pingfederate

ContentType_ce

PingFederate features an integrated administrative console for configuring four kinds of connections to identity-federation partners:

Browser-based SSO – Also called Browser SSO in the administrative console, this term is often used to refer to standards-based secure SSO, which generally depends on a user's browser to transport identity assertions and other messaging between partner endpoints (see Supported standards).
WS-Trust STS – Employs the PingFederate Security Token Service (STS), which enables Web service clients and providers (WSCs and WSPs) to extend SSO to identity-enabled web services at provider sites, using another set of standards (see the next section, About WS-Trust STS). These standards, including WS-Trust, do not rely on the user's browser for message transport.
OAuth Assertion Grant – Exchanges a SAML assertion or a JSON Web Token for an OAuth access token with the PingFederate authorization server (AS) (see About OAuth).
Provisioning – Provides automated cross-domain inbound and outbound user management (see User provisioning).

The types of connections can be configured together for the same partner or independently.