Client authentication schemes - PingFederate

Client authentication schemes - PingFederate - 11.1

PingFederate Server

bundle

pingfederate-111

ft:publication_title

PingFederate Server

Product_Version_ce

PingFederate 11.1

category

Administrator

Audience

Capability

DeploymentMethod

Product

SingleSignonSSO

Software

SystemAdministrator

pf-111

pingfederate

ContentType_ce

Most OAuth and OpenID Connect use cases require the client application to authenticate successfully before its requests can be processed further.

As an OAuth authorization server (AS), PingFederate supports the following client authentication schemes:

Client secret for HTTP Basic authentication
Client TLS certificate for mutual TLS authentication
Private key JWT for the private_key_jwt client authentication method, as defined in the OpenID Connect specification
None when authentication is not required

When deployed as an OpenID Connect Relying Party (RP), PingFederate authenticates through client secret and private key JSON web tokens (JWT). It also handles the scenario where authentication is not required.