- Go to the System > Protocol Settings > Roles & Protocols screen.
- If you have not done so, enable the applicable federation role (or roles) for your deployment.
-
Under the role (or roles) that you require STS processing, select the
WS-Trust check box to enable the protocol.
Note:
PingFederate supports the STS with or without selections of other browser-based SSO protocols. The handling of SAML 1.1 and 2.0 tokens is independent of the supported browser-based SSO protocols shown on the same screen.
-
Enter your SAML federation IDs on the System > Protocol Settings > Federation Info screen (unless these IDs are already established for corresponding
browser-based SSO protocols).
Note:
Identifiers are required for both SAML 2.0 and SAML 1.x to enable the STS to issue either type of token when requested. If you have not established a federation ID for either of these protocols or do not expect to use one or the other, enter a placeholder (in any format) and reconfigure later as needed.