The STS shares the core functionality of PingFederate, including console administration, identity and attribute mapping, and certificate security management. With PingFederate, web services identify the end user who has initiated a transaction across domains, providing enhanced service while simultaneously ensuring appropriate information access and regulatory accountability. For information about WS-Trust and the role of an STS, see Web services standards.

You can use PingFederate in many different scenarios to address different identity and security problems as they relate to web services, service-oriented architecture (SOA), and Enterprise Service Buses. All of these scenarios share a recommended architectural approach that uses a SAML assertion as the standard security token shared between security domains. For more information, see WS-Trust STS.

WS-Trust Security Token Service SSO
Diagram depicting how WS-Trust Security Token Service SSO works between PingFederate and the Service Provider.