You can select the database that PingFederate should use internally to facilitate provisioning for service providers when PingFederate is configured as an identity provider (IdP).
Before configuring outbound provisioning settings, you must enable outbound provisioning
through the pf.provisioner.mode
property in the
<pf_install>/pingfederate/bin/run.properties
file. For more information, see Configuring PingFederate properties.
If you want to use failover provisioning, configure the
provisioner.node.id
and
provisioner.failover.grace.period
properties, which are also located
in
<pf_install>/pingfederate/bin/run.properties.
These properties are described in Deploying provisioning failover.
The database stores the state of synchronization between the source datastore and the target datastore, enabling periodic checking to determine whether updates are required at the target site. PingFederate checks the source datastore for changes every minute by default. As needed, you can change the provisioning synchronization frequency on this tab as well.
Use the built-in HSQLDB only for trial or training environments. For testing and production environments, always use a secured external storage solution for proper functioning in a clustered environment.
Testing involving HSQLDB is not a valid test. In both testing and production, it might cause various problems due to its limitations and HSQLDB involved cases are not supported by PingIdentity.
PingFederate is tested with Amazon Aurora (MySQL and PostgreSQL), Microsoft SQL Server, Oracle Database, Oracle MySQL, and PostgreSQL as internal provisioning datastores. A demonstration-only, embedded HSQLDB database is installed by default. Scripts to aid setup are in the directory <pf_install>/pingfederate/server/default/conf/provisioner/sql-scripts.