Page created: 21 Jan 2020 |
Page updated: 15 Jul 2020
PingFederate supports the optional SAML 2.0 specification allowing for encryption of assertions, including security token service (STS) SAML tokens, which further enhances confidentiality when required.
For SAML 2.0 single sign-on (SSO) connections, you can choose to encrypt entire assertions or individual user attributes, including the user's name identifier. You can use signature verification and signing keys to encrypt and decrypt messages, respectively.