To connect PingFederate to PingAccess, use the PingAccess administrative console.

  1. Import the SSL certificate from PingFederate and create a trusted certificate group.
  2. Configure the token provider.
    1. Click Settings, and then go to System > Token Provider > PingFederate > Runtime.
    2. In the Issuer field, enter the PingFederate issuer name.
    3. From the Trusted Certificate Group list, select the PingFed certificate group.
    4. Optional: Click Show Advanced Settings and select the Skip Hostname Verification check box.
    5. Click Save.
    6. Click Settings, and then go to System > Token Provider > PingFederate > Administration.
    7. In the Host field, enter the host name or IP address for the PingFederate Runtime.

      For example, mypingfedserver.

    8. In the Port field, enter the port number for PingFederate Runtime.

      For example, 9031.

    9. In the Admin Username field, enter the username.

      This username only requires auditor, read-only, permissions in PingFederate.

    10. In the Admin Password field, enter the password.
    11. From the Secure list, select Secure.
    12. From the Trusted Certificate Group list, select the PingFed certificate group.
    13. Click Save.
    14. Click Settings, and then go to System > Token Provider > PingFederate > OAuth Resource Server.
    15. In the Client ID field, enter the OAuth Client ID you defined when creating the PingAccess OAuth client in PingFederate.

      For example, pa_rs.

    16. In the Client Credentials Type section, select Secret, then enter the Client Secret assigned when you created the PingAccess OAuth client in PingFederate.
    17. In the Subject Attribute Name field, enter the attribute you want to use from the OAuth access token as the subject for auditing purposes.

      For example, username.

    18. Optional: Select the Send Audience check box.
    19. Click Save.
PingAccess can be configured to protect a web application.