1. Open the SharePoint Management Shell.
  2. To enable the wreply parameter for the Trusted Identity Provider, run the following commands.
    $tit = Get-SPTrustedIdentityTokenIssuer
    $tit.UseWReplyParameter = $true
  3. Configure Valid Domain Names.
    1. In the PingFederate Admin console, open the connection for your SharePoint server.
    2. Go to Protocol Settings > Service URL.
    3. In the Valid Domain Name field, enter the domain name.

      If you have several web applications with a common domain name, such assales.pingdemo.com or support.pingdemo.com, and if you require extra security, add them to the list. Otherwise, to cover these and future URLs with a similar format, add the domain name with a leading wildcard (*.pingdemo.com).

    4. Select the Require HTTPS and Allow Any Query/Fragment check boxes. Click Add.
    5. Click Save.