You can use the PingFederate administrative console to choose an identity provider (IdP) connection type.
You can indicate on the Connection Type tab whether the connection to this partner is for browser single sign-on (SSO), WS-Trust security token service (STS), OAuth, SAML, inbound provisioning, or a combination of them.
You can add STS, OAuth, and outbound provisioning support to any existing SSO connection, or vice versa, at any time. However, when OpenID Connect is the chosen protocol for browser SSO, the other types become unavailable.
If your partner's deployment also supports multiple protocols and you intend to communicate using more than one, you must set up a separate connection for each protocol. Each connection must use a unique partner connection ID.
On the Connection Type tab, indicate the desired type of
connection to your partner.
Choice Action Configure a connection for secure browser-based SSO Select the Browser SSO Profiles check box and a protocol from the list, if necessary. Configure an STS connection Select the WS-Trust STS check box and the default token type from the list. Configure a connection that exchanges SAML assertions or JSON web tokens (JWTs) for access tokens Select the OAuth Assertion Grant check box.Note:
The OAuth Assertion Grant option is available only if at least one Access Token Manager instance has been configured on the window
For more information about these standards, see Security Assertion Markup Language (SAML) 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants and JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants.
Configure an inbound provisioning connection Select the Inbound Provisioning check box and choose to support provisioning of users only (User Support) or users and groups (User and Group Support). For groups, nested group membership, if any, is preserved.
If your PingFederate license manages connections by groups, you can select a group
for this connection.
This option is not displayed for unrestricted or other types of licenses.