As a standalone server, PingFederate must be programmatically integrated with end-user applications and identity management (IdM) systems to complete the “first- and last-mile” implementation of a federated identity network for browser-based single-sign-on (SSO). PingFederate supports identity and access management (IAM) integrations with a wide range of cloud, mobile, Software as a Service (SaaS), APIs, and on-premises applications.
For an identity provider (IdP), the first mile of this integration process involves providing a mechanism through which PingFederate looks up a user's current authenticated session data, such as a cookie, or authenticates a user without such a session. For a service provider (SP), the last mile involves enabling PingFederate to supply information needed by the target application to set a valid session cookie or other application-specific security context for the user. To enable both sides of this integration, PingFederate provides bundled and separately available integration kits, which include adapters that plug into the PingFederate server and agent toolkits that interface with local IdM systems or applications, as needed. In addition, PingFederate provides plugin authentication selectors, which enable dynamic selection of authentication sources based on administrator-specified criteria. For more information, see Integration overview.
For integrations that are included with PingFederate, see Bundled adapters and authenticators.
Visit the Ping Identity Integration Directory to explore 1800+ integrations and find links to downloads and documentation. For an overview of the various types of integrations that are available, see Additional integrations.