Operating systems and virtualization

Note:

PingFederate is tested with default configurations of operating-system components. If your organization customizes implementations or installs third-party plug-ins, deployment efforts might affect the PingFederate server.

Operating systems
  • Amazon Linux 2
  • Canonical Ubuntu 16.04 LTS
  • Canonical Ubuntu 18.04 LTS
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2019
  • Oracle Enterprise Linux 7.7 (Red Hat compatible kernel)
  • Oracle Enterprise Linux 8.1 (Red Hat Compatible Kernel)
  • Red Hat Enterprise Linux ES 7.7
  • Red Hat Enterprise Linux ES 8.1
  • SUSE Linux Enterprise 12 SP5
  • SUSE Linux Enterprise 15 SP1
Docker support
  • Docker version: 19.03.8
  • Host operating system: Ubuntu 18.04 LTS
  • Kernel: 4.15.0-1063-aws
Virtualization
Although Ping Identity does not qualify or recommend any specific virtual-machine (VM) or container products other than those listed above, PingFederate has run well on several, including Hyper-V, VMWare, and Xen.
Note:

The list of products is provided for example purposes only. We view all products in this category equally. Ping Identity accepts no responsibility for the performance of any specific virtualization software and in no way guarantees the performance, interoperability, or both of any VM or container software with its products.

Java environment

  • Amazon Corretto 11
  • Amazon Corretto 8
  • OpenJDK 11
  • Oracle Java SE Development Kit 11 LTS
  • Oracle Java SE Runtime Environment (Server JRE) 8
Note:

Ping Identity Java Support Policy applies. For more information, see Java Support Policy in the Ping Identity Knowledge Base.

Browsers

Runtime server
  • Apple Safari
  • Google Chrome
  • Microsoft Edge
  • Microsoft Internet Explorer 11
  • Mozilla Firefox
  • Apple iOS 13 (Safari)
  • Google Android 10 (Chrome)
Administrative server
  • Google Chrome
  • Microsoft Internet Explorer 11 or later
  • Mozilla Firefox

TLS protocol

Runtime server and administrative server
  • TLS 1.2 and 1.3
Note:

TLS 1.3 requires Java 11.

Datastore integration

User-attribute lookup
  • PingDirectory 7.0, 7.2, 7.3, 8.0, 8.1
  • Microsoft Active Directory 2016
  • Oracle Directory Server Enterprise Edition 11g
  • Oracle Unified Directory 12c
  • Amazon Aurora (MySQL 5.6.10a)
  • Amazon Aurora (PostgreSQL 10.7)
  • Microsoft SQL Server 2016 SP2 and 2017
  • Oracle Database 12c Release 1 (12.1.0.2.0)
  • Oracle Database 19c
  • Oracle MySQL 8.0
  • PostgreSQL 9.6.15 and 11.5
SaaS or SCIM outbound provisioning
Provisioning channel data source
  • PingDirectory 7.0, 7.2, 7.3, 8.0, 8.1
  • Microsoft Active Directory 2016
  • Oracle Directory Server Enterprise Edition 11g
  • Oracle Unified Directory 12c
Provisioning internal datastore
  • Amazon Aurora (MySQL 5.6.10a)
  • Amazon Aurora (PostgreSQL 10.7)
  • Microsoft SQL Server 2016 and 2017
  • Oracle Database 12c Release 1
  • Oracle Database 19c
  • Oracle MySQL 8.0
  • PostgreSQL 9.6.15 and 11.5
SCIM inbound provisioning
  • Microsoft Active Directory 2016
  • Custom implementation through the PingFederate SDK
Just-in-time (JIT) inbound provisioning
  • PingDirectory 7.0, 7.2, 7.3, 8.0, 8.1
  • Microsoft Active Directory 2016
  • Oracle Directory Server Enterprise Edition 11g
  • Oracle Unified Directory 12c
  • Microsoft SQL Server 2016 SP2 and 2017
Account linking
  • PingDirectory 7.0, 7.2, 7.3, 8.0, 8.1
  • Microsoft Active Directory 2016
  • Oracle Directory Server Enterprise Edition 11g
  • Oracle Unified Directory 12c
  • Amazon Aurora (MySQL 5.6.10a)
  • Amazon Aurora (PostgreSQL 10.7)
  • Microsoft SQL Server 2016 SP2 and 2017
  • Oracle Database 12c Release 1
  • Oracle Database 19c
  • Oracle MySQL 8.0
  • PostgreSQL 9.6.15 and 11.5
OAuth client configuration and persistent grants
  • PingDirectory 7.0, 7.2, 7.3, 8.0, 8.1
  • Microsoft Active Directory 2016
  • Oracle Directory Server Enterprise Edition 11g
  • Oracle Unified Directory 12c
  • Amazon Aurora (MySQL 5.6.10a)
  • Amazon Aurora (PostgreSQL 10.7)
  • Microsoft SQL Server 2016 SP2 and 2017
  • Oracle Database 12c Release 1
  • Oracle Database 19c
  • Oracle MySQL 8.0
  • PostgreSQL 9.6.15 and 11.5
  • Custom implementation through the PingFederate SDK
Registration and profile management of local identities
  • PingDirectory 7.0, 7.2, 7.3, 8.0, 8.1
Persistent authentication sessions
  • PingDirectory 7.2, 7.3, 8.0, 8.1
  • Amazon Aurora (MySQL 5.6.10a)
  • Amazon Aurora (PostgreSQL 10.7)
  • Microsoft SQL Server 2016 SP2 and 2017
  • Oracle Database 12c Release 1 and 19c
  • Oracle MySQL 8.0
  • PostgreSQL 9.6.15 and 11.5
Note:

PingFederate was tested with vendor-specific JDBC 4.2 drivers. For more information, see Database driver information.

Third-party cryptographic solutions

Hardware security modules (optional)
AWS CloudHSM
  • Client software version: 3.1.1
Note:

PingFederate must be deployed on one of the Linux operating systems supported by both AWS CloudHSM and PingFederate.

Gemalto SafeNet Luna Network HSM 6
  • HSM firmware version: 6.3
  • Firmware version: 6.27.0
  • Client software version: 6.3
Gemalto SafeNet Luna Network HSM 7
  • Appliance software version: 7.2.0
  • Firmware version: 7.2.0
  • Client software version: 7.2.0
nCipher nShield Connect (in FIPS 140-2 Level 3 mode)
  • Host and Firmware version: 12.40.0
  • Client driver version: 12.40.2
  • Hardware Model: Net HSM 6000 appliance
Note:

When integrating with a hardware security module (HSM), you must deploy PingFederate with Oracle Server JRE (Java SE Runtime Environment) 8 or Amazon Corretto 8.

Software cryptographic solution
Bouncy Castle
Bouncy Castle Java FIPS 1.0.2

Hardware requirements

Minimum hardware recommendations
  • Multi-core Intel Xeon processor or higher

    4 CPU/Cores recommended

  • 4 GB of RAM

    1.5 GB available to PingFederate

  • 1 GB of available hard drive space
Note:

Although it is possible to run PingFederate on less powerful hardware, the guidelines provided accommodate disk space for default logging, auditing profiles, and CPU resources for a moderate level of concurrent request processing.