Client authentication schemes - PingFederate

Client authentication schemes - PingFederate - 10.0

PingFederate Server

bundle

pingfederate-100

ft:publication_title

PingFederate Server

Product_Version_ce

PingFederate 10.0

category

Product

pf-100

pingfederate

ContentType_ce

Page created: 12 Sep 2019 |

Page updated: 19 Mar 2020

| 1 min read

PingFederate 10.0 Product Administration User task OAuth Standards, specifications, and protocols Software Deployment Method Administrator Audience Product documentation Content Type

Most OAuth and OpenID Connect use cases require the client application to authenticate successfully before its requests can be processed further.

As an OAuth AS, PingFederate supports the following client authentication schemes:

Client secret for HTTP Basic authentication.
Client TLS certificate for mutual TLS authentication.
Private key JWT for the private_key_jwt client authentication method, as defined in the OpenID Connect specification.
None when authentication is not required.

When deployed as an OpenID Connect Relying Party (RP), PingFederate can authenticate via client secret and private key JWT. It can also handle the scenario where authentication is not required.