You can configure the WS-Trust STS for partner connections independently or in conjunction with browser-based SSO for either an identity provider (IdP) or a service provider (SP) deployment. The STS is bundled with separate plug-ins for standard SAML token processing and generation.

For information about WS-Trust and the role of an STS, see Web services standards.

Connection-based policy

PingFederate employs a partner-connection configuration for both IdP and SP roles, which enables the association of web services authentication policies with federation partners. For more information, see Connection-based policy.

Token processor and generator

PingFederate provides support for a variety of security-token formats through token processors and generators. For more information, see Token processors and generators.

WSC and WSP support

Ping Identity provides the Java client software development kit (SDK) for enabling web service applications to interact with the PingFederate STS. For more information, see WSC and WSP support.

STS OAuth integration

PingFederate STS provides several ways to facilitate the use of issued tokens with an OAuth authorization server (AS). For more information, see STS OAuth integration.