With the .NET Integration Kit, PingFederate exchanges user attributes with your .NET
application through an OpenToken token.
The following figure shows a basic identity-provider (IdP)-initiated single sign-on (SSO)
scenario in which PingFederate federation servers using the .NET Integration Kit exist on
both sides of the identity federation:
Description
1. A user initiates an SSO transaction.
2. The IdP application inserts user attributes into the Agent Toolkit for .NET, which
   encrypts the data internally and generates an OpenToken token.
3. A request containing the OpenToken is redirected to the PingFederate IdP server.
4. The server invokes the OpenToken IdP Adapter, which retrieves the OpenToken, decrypts
   and parses it, and passes the user attributes to the PingFederate IdP server. The
   PingFederate IdP server then generates a SAML assertion.
5. The SAML assertion is sent to the SP site.
6. The PingFederate SP server parses the SAML assertion and passes the user attributes to
   the OpenToken SP Adapter. The adapter encrypts the data internally and generates an
   OpenToken.
7. A request containing the OpenToken is redirected to the SP application.
8. The Agent Toolkit for .NET decrypts and parses the OpenToken and makes the user
   attributes available to the SP application.