PingFederate clients can gain access to the administrative API endpoint by providing an OAuth 2.0 access token. The <pf_install>/pingfederate/bin/oauth2.properties file contains settings that allow you to configure information required to interact with the authorization server as a client.
file, set the value of the pf.admin.api.authentication
You can also configure PingFederate to support both
OAuth2authorization and a basic authentication method by specifying two values separated with a comma. For example, specify
pf.admin.api.authentication=OAuth2,LDAP. The basic authentication methods are
RADIUS. Supporting two authentication methods is helpful when you want to change applications from one method to another. For more information about supporting two authentication methods, see the description of pf.admin.api.authentication in Configuring PingFederate properties.
file, change property values as needed. For instructions and additional
information, see the comments in the file.
Remember to assign at least one of the PingFederate administrative roles, as indicated in the properties file. For information about permissions attached to the PingFederate roles, see the PingFederate User Access Control table in Configure access to the administrative API.
In a clustered PingFederate environment, you only need to modify run.properties and oauth2.properties on the console node.