The PingFederate WS-Trust Security Token Service (STS) allows organizations to extend single-sign on (SSO) identity management (IdM) to web services.
You can configure the WS-Trust STS for partner connections independently or in conjunction with browser-based SSO for either an identity provider (IdP) or a service provider (SP) deployment. The STS is bundled with separate plug-ins for standard SAML token processing and generation.
For information about WS-Trust and the role of an STS, see Web services standards.
PingFederate employs a partner-connection configuration for both IdP and SP roles, which enables the association of web services authentication policies with federation partners. For more information, see Connection-based policy.
Token processor and generator
PingFederate provides support for a variety of security-token formats through token processors and generators. For more information, see Token processors and generators.
WSC and WSP support
Ping Identity provides the Java client software development kit (SDK) for enabling web service applications to interact with the PingFederate STS. For more information, see WSC and WSP support.
STS OAuth integration
PingFederate STS provides several ways to facilitate the use of issued tokens with an OAuth authorization server (AS). For more information, see STS OAuth integration.