The PingFederate WS-Trust Security Token Service (STS) allows organizations to extend SSO identity management to web services. (For information about WS-Trust and the role of an STS, see Web services standards).

The STS shares the core functionality of PingFederate, including console administration, identity and attribute mapping, and certificate security management. With PingFederate, web services can securely identify the end user who has initiated a transaction across domains, providing enhanced service while simultaneously ensuring appropriate information access and regulatory accountability.

PingFederate can be used in many different scenarios to address different identity and security problems as they relate to web services, service-oriented architecture (SOA), and Enterprise Service Buses. All of these scenarios share a recommended architectural approach that uses a SAML assertion as the standard security token shared between security domains. (For more information, see About WS-Trust STS).

WS-Trust Security Token Service SSO