If your organization primarily uses a Microsoft Windows platform, you can have your PingFederate nodes on Windows servers, and you can use Microsoft SQL Server for your databases. One example use case for this type of datastore is storing OAuth grants in a clustered environment.

High availability requirements for this database should follow your organization’s procedures and are outside the scope of this document. Any database maintenance tasks are also not addressed in this document.


PingFederate 9.3 or later

Before you begin

You must have:

  • An SQL server on the network, accessible from the PingFederate nodes on its assigned port

    Port 1433 is the default port for SQL server. You can test connectivity to the server:port with the telnet command line utility.

  • Access to a database on the server with the correct tables

    Work with the database administrator to determine an appropriate name for your database, such as “PingFederate”.


    For storing OAuth grants, you can find the table creation scripts (access-grant-sqlserver.sql and access-grant-attribute-sqlserver.sql) in <pf_install>/pingfederate/server/default/conf/access-grant/sql-scripts.

  • A user account in the Active Directory (AD) domain you can use as a service account

    It does not need any special domain privileges, but it receives local permissions on your PingFederate nodes.

    Work with your database administrators to ensure the user account in the AD has permissions to access and write to the database.