PingFederate supports the following system requirements. This section lists recommended versions and requirements.
Operating systems and virtualization
PingFederate is tested with default configurations of operating-system components. If your organization customizes implementations or installs third-party plug-ins, deployment efforts might affect the PingFederate server.
- Operating systems
-
- Amazon Linux 2
- Canonical Ubuntu 16.04 LTS
- Canonical Ubuntu 18.04 LTS
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
- Oracle Enterprise Linux 7.7 (Red Hat compatible kernel)
- Oracle Enterprise Linux 8.1 (Red Hat Compatible Kernel)
- Red Hat Enterprise Linux ES 7.7
- Red Hat Enterprise Linux ES 8.1
- SUSE Linux Enterprise 12 SP5
- SUSE Linux Enterprise 15 SP1
- Docker support
-
- Docker version: 19.03.8
- Host operating system: Ubuntu 18.04 LTS
- Kernel: 4.15.0-1063-aws
- Virtualization
- Although Ping Identity does not qualify or recommend any specific virtual-machine
(VM) or container products other than those listed above, PingFederate has run
well on several, including Hyper-V, VMWare, and Xen.Note:
The list of products is provided for example purposes only. We view all products in this category equally. Ping Identity accepts no responsibility for the performance of any specific virtualization software and in no way guarantees the performance, interoperability, or both of any VM or container software with its products.
Java environment
- Amazon Corretto 11
- Amazon Corretto 8
- OpenJDK 11
- Oracle Java SE Development Kit 11 LTS
- Oracle Java SE Runtime Environment (Server JRE) 8
Ping Identity Java Support Policy applies. For more information, see Java Support Policy in the Ping Identity Knowledge Base.
Browsers
- Runtime server
-
- Apple Safari
- Google Chrome
- Microsoft Edge
- Microsoft Internet Explorer 11
- Mozilla Firefox
- Apple iOS 13 (Safari)
- Google Android 10 (Chrome)
- Administrative server
-
- Google Chrome
- Microsoft Internet Explorer 11 or later
- Mozilla Firefox
TLS protocol
- Runtime server and administrative server
-
- TLS 1.2 and 1.3
Note:TLS 1.3 requires Java 11.
Datastore integration
- User-attribute lookup
-
- PingDirectory 7.0, 7.2, 7.3, 8.0, 8.1
- Microsoft Active Directory 2016
- Oracle Directory Server Enterprise Edition 11g
- Oracle Unified Directory 12c
- Amazon Aurora (MySQL 5.6.10a)
- Amazon Aurora (PostgreSQL 10.7)
- Microsoft SQL Server 2016 SP2 and 2017
- Oracle Database 12c Release 1 (12.1.0.2.0)
- Oracle Database 19c
- Oracle MySQL 8.0
- PostgreSQL 9.6.15 and 11.5
- SaaS or SCIM outbound provisioning
-
- Provisioning channel data source
-
- PingDirectory 7.0, 7.2, 7.3, 8.0, 8.1
- Microsoft Active Directory 2016
- Oracle Directory Server Enterprise Edition 11g
- Oracle Unified Directory 12c
- Provisioning internal datastore
-
- Amazon Aurora (MySQL 5.6.10a)
- Amazon Aurora (PostgreSQL 10.7)
- Microsoft SQL Server 2016 and 2017
- Oracle Database 12c Release 1
- Oracle Database 19c
- Oracle MySQL 8.0
- PostgreSQL 9.6.15 and 11.5
- SCIM inbound provisioning
-
- Microsoft Active Directory 2016
- Custom implementation through the PingFederate SDK
- Just-in-time (JIT) inbound provisioning
-
- PingDirectory 7.0, 7.2, 7.3, 8.0, 8.1
- Microsoft Active Directory 2016
- Oracle Directory Server Enterprise Edition 11g
- Oracle Unified Directory 12c
- Microsoft SQL Server 2016 SP2 and 2017
- Account linking
-
- PingDirectory 7.0, 7.2, 7.3, 8.0, 8.1
- Microsoft Active Directory 2016
- Oracle Directory Server Enterprise Edition 11g
- Oracle Unified Directory 12c
- Amazon Aurora (MySQL 5.6.10a)
- Amazon Aurora (PostgreSQL 10.7)
- Microsoft SQL Server 2016 SP2 and 2017
- Oracle Database 12c Release 1
- Oracle Database 19c
- Oracle MySQL 8.0
- PostgreSQL 9.6.15 and 11.5
- OAuth client configuration and persistent grants
-
- PingDirectory 7.0, 7.2, 7.3, 8.0, 8.1
- Microsoft Active Directory 2016
- Oracle Directory Server Enterprise Edition 11g
- Oracle Unified Directory 12c
- Amazon Aurora (MySQL 5.6.10a)
- Amazon Aurora (PostgreSQL 10.7)
- Microsoft SQL Server 2016 SP2 and 2017
- Oracle Database 12c Release 1
- Oracle Database 19c
- Oracle MySQL 8.0
- PostgreSQL 9.6.15 and 11.5
- Custom implementation through the PingFederate SDK
- Registration and profile management of local identities
-
- PingDirectory 7.0, 7.2, 7.3, 8.0, 8.1
- Persistent authentication sessions
-
- PingDirectory 7.2, 7.3, 8.0, 8.1
- Amazon Aurora (MySQL 5.6.10a)
- Amazon Aurora (PostgreSQL 10.7)
- Microsoft SQL Server 2016 SP2 and 2017
- Oracle Database 12c Release 1 and 19c
- Oracle MySQL 8.0
- PostgreSQL 9.6.15 and 11.5
PingFederate was tested with vendor-specific JDBC 4.2 drivers. For more information, see Database driver information.
Third-party cryptographic solutions
- Hardware security modules (optional)
-
- AWS CloudHSM
-
- Client software version: 3.1.1
Note:PingFederate must be deployed on one of the Linux operating systems supported by both AWS CloudHSM and PingFederate.
- Gemalto SafeNet Luna Network HSM 6
-
- HSM firmware version: 6.3
- Firmware version: 6.27.0
- Client software version: 6.3
- Gemalto SafeNet Luna Network HSM 7
-
- Appliance software version: 7.2.0
- Firmware version: 7.2.0
- Client software version: 7.2.0
- nCipher nShield Connect (in FIPS 140-2 Level 3 mode)
-
- Host and Firmware version: 12.40.0
- Client driver version: 12.40.2
- Hardware Model: Net HSM 6000 appliance
Note:When integrating with a hardware security module (HSM), you must deploy PingFederate with Oracle Server JRE (Java SE Runtime Environment) 8 or Amazon Corretto 8.
- Software cryptographic solution
-
- Bouncy Castle
- Bouncy Castle Java FIPS 1.0.2
Hardware requirements
- Minimum hardware recommendations
-
- Multi-core Intel Xeon processor or higher
4 CPU/Cores recommended
- 4 GB of RAM
1.5 GB available to PingFederate
- 1 GB of available hard drive space
- Multi-core Intel Xeon processor or higher
Although it is possible to run PingFederate on less powerful hardware, the guidelines provided accommodate disk space for default logging, auditing profiles, and CPU resources for a moderate level of concurrent request processing.