Downloading and installing PingFederate - PingFederate

How-to Guides
bundle
solution-guides
ft:publication_title
How-to Guides
Product_Version_ce
category
ContentType
howtodoc
ContentType_ce
How-to
  • How-to Guides Overview
  • Getting Started
  • Getting started with PingAccess
  • Getting Started with PingFederate
  • Downloading and installing PingFederate
  • Additional information
  • Getting started with PingID core settings
  • Configuring PingID quick setup
  • PingID advanced setup
  • Planning your upgrade
  • Upgrade planning guide
  • Upgrade process
  • General upgrade best practices
  • Product-specific upgrade guides
  • Best Practice Guides
  • Best Practices: Session Management
  • Key findings
  • Recommendations
  • Best Practices: Elevated Rights for PingDirectory
  • Capabilities
  • ACI best practices
  • Privileges best practices
  • Client connection policy best practices
  • Examples
  • Best Practices: Performance Testing PingDirectory
  • Best Practices: PingDirectory Operational Support
  • Best Practices: PingFederate SAML Signing Certificates
  • Best Practices: Performance Testing for PingFederate
  • Best Practices: Journey to Passwordless
  • Workforce passwordless journey
  • Planning the workforce passwordless journey
  • Lessons learned from the workforce passwordless journey
  • Deploying products
  • Enabling passwordless authentication in the PingID cloud service
  • Enabling passwordless authentication in a PingFederate authentication policy
  • PingID passwordless use cases
  • Setting up Windows passwordless login
  • Creating a PingOne environment and connecting it to a PingID account
  • Configuring identity store provisioners
  • Creating an issuance certificate in PingOne
  • Creating an authentication policy (Windows passwordless)
  • Creating and configuring a passwordless Windows login application in PingOne
  • Generating a KDC certificate
  • Installing the Windows login - passwordless integration on client computers
  • Using the PowerShell script for setting up Windows login - passwordless
  • Troubleshooting Windows login - passwordless
  • Standards and Protocols
  • Changing the federation protocol in Office 365 from WS-Federation to SAML2P
  • Configuring browsers for Kerberos and NTLM
  • Integrated Windows Authentication Group Policy browser settings
  • Providing a persistent SAML NameID format in PingFederate
  • Using OpenSSL s_client commands to test SSL connectivity
  • Customer
  • Authenticating with social media providers
  • Authenticating with social media providers using PingOne
  • Authenticating with social media providers using PingFederate
  • Customizing SSO user sign-on windows in PingFederate
  • Enabling MFA for your application
  • Obtaining logging data from PingOne
  • Audit parameter fields
  • Setting up an agent in PingAccess
  • Configuring an agent for PingAccess
  • Configuring a token provider
  • Installing the agent
  • Setting up an OIDC application in PingFederate
  • Setting up and customizing sign-on windows in PingOne
  • Setting up password recovery in PingOne
  • Setting up password reset in PingOne
  • Setting up an LDAPS datastore connection in PingFederate
  • Configuring an HTML Form Adapter instance for password reset
  • Resetting a password using various methods
  • Resetting a password through the HTML Form sign on page
  • Resetting a password using a link through email
  • Resetting a password using a one-time passcode through email
  • Resetting a password through a text or SMS message
  • Setting up PingDataSync between Active Directory and PingOne
  • Setting up PingDataSync between PingDirectory and PingOne
  • Workforce
  • Authenticating Azure AD tenants who don't have their own Azure account
  • Creating an OIDC V2 app for AuthN
  • Viewing and updating the app in ADD dashboard
  • Creating an OpenID Connect IdP connection in PingFederate
  • Configuring adaptive authentication in PingFederate
  • Creating a new selector
  • Configuring the authentication policy
  • Configuring an Active Directory datastore for PingFederate
  • Configuring an Active Directory datastore
  • Configuring a SAML application
  • Connecting PingFederate to a Microsoft SQL JDBC datastore with Windows authentication
  • Adding a new user
  • Assigning the Log on as a service policy to the new user
  • Editing the sign-on tab for the PingFederate service
  • Deploying the required JDBC driver files and DLLs
  • Creating the JDBC datastore connection in PingFederate
  • Testing the newly created external datastore
  • Connecting PingFederate with Yahoo through OIDC
  • Creating an OIDC app in your Yahoo developer account
  • Creating an OIDC type IdP connection
  • Creating a local identity profile
  • Creating an HTML form IdP adapter
  • Creating a policy to fulfill the policy contract chosen in the LIP
  • Testing the configuration
  • Delegating all authentication to an external IdP
  • Configuring an external IdP
  • Creating an external IdP authentication policy
  • Enabling SLO for a PingAccess-protected application using PingFederate
  • PingAccess Logout endpoint
  • Configuring PingAccess partial logout
  • Configuring global single logout
  • Configuring PingFederate for PingAccess single logout
  • Integrating Pulse Connect Secure with PingFederate
  • Exporting SAML metadata from PingFederate
  • Exporting the signing certificate from PingFederate
  • Configuring SAML integration with PingFederate in Pulse Connect Secure
  • Configuring SAML integration with Pulse Connect Secure in PingFederate
  • Protecting a web application with PingAccess using PingFederate as the token provider
  • Setting up PingFederate 10.1
  • Setting up PingAccess 6.1
  • Preparing PingFederate for PingAccess connectivity
  • Connecting PingFederate and PingAccess
  • Protecting a web application with PingAccess
  • Protecting your VPN with PingID MFA
  • Setting up a login form that validates credentials against AD in PingFederate
  • Configuring the datastore
  • Configuring the password credential validator
  • Configuring the IdP adapter
  • Setting up an agent in PingAccess
  • Configuring an agent for PingAccess
  • Configuring a token provider
  • Installing the agent
  • Setting up an authentication flow that includes MFA (PingFederate and PingID)
  • Creating a password credential validator in PingFederate
  • Creating an HTML adapter that uses the PCV
  • Downloading the pingid.properties file in PingOne for Enterprise
  • Creating a PingID adapter in PingFederate
  • Creating an authentication policy contract
  • Creating an SP connection
  • Creating an authentication selector
  • Creating an authentication policy
  • Testing your connection
  • Setting up an authentication flow that includes MFA (PingOne for Enterprise and PingID)
  • Setting up an OIDC application in PingFederate
  • Setting up and testing a custom authentication policy
  • Creating a custom authentication policy in PingFederate
  • Testing a custom authentication policy in PingFederate (HTML Form with PingID MFA)
  • Setting up Kerberos authentication in PingFederate
  • Configuring the Active Directory domain/Kerberos realm
  • Configuring the IdP adapter
  • Setting up password recovery in PingFederate
  • Creating an LDAP datastore in PingFederate
  • Creating an LDAP PCV in PingFederate
  • Configuring an HTML Form Adapter instance in PingFederate for account recovery and password change
  • Setting up passwordless authentication in PingOne
  • Creating a passwordless authentication policy in PingOne
  • Creating an authentication policy for users without a paired MFA device
  • Adding the authentication policies to an application
  • Testing the configuration
  • Setting up PingFederate as a FedHub
  • Reviewing the configuration process flow
  • Creating a policy contract
  • Creating a service provider connection
  • Creating an identity provider connection
  • Creating an authentication policy in PingFederate
  • Setting up your PingOne Dock
  • Configuring user access control for PingOne Directory
  • Configuring user access control for a third-party identity provider
  • Configuring the PingOne Dock
  • Adding your branding to the PingOne Dock
  • Updating a PingOne for Enterprise verification certificate on an unmanaged PingFederate identity bridge
  • Single Sign-On
  • Changing certificates from SHA-1 to SHA-2 in PingFederate
  • Connecting Okta as an IdP through SAML to PingFederate as an SP
  • Configuring Okta as the IdP
  • Configuring PingFederate as the SP
  • Troubleshooting
  • Configuring federation with SharePoint server
  • Creating WS-Federation connection on the PingFederate server
  • Exporting the signing certificate
  • Adding a trusted identity provider to the SharePoint server
  • Assigning the created PingFederate trusted identity provider to the web application
  • Enabling additional configuration options
  • Configuring authentication request signing in PingOne for Enterprise
  • Configuring PingOne for Enterprise SSO with PingFederate Bridge as the identity repository
  • Connecting PingFederate Bridge to PingOne for Enterprise through the PingOne for Enterprise admin portal
  • Connecting PingFederate Bridge to PingOne for Enterprise through PingFederate Bridge
  • Configuring PingOne for Enterprise SSO with PingFederate Bridge
  • Configuring SailPoint IdentityIQ with PingDirectory and PingFederate
  • Implementing an LDAPS connection with PingDirectory and IdentityIQ
  • Configuring a trusted certificate in PingDirectory
  • Connecting the IdentityIQ application to PingDirectory
  • Configuring the IdentityNow application for PingDirectory
  • Implementing SAML-based SSO with PingFederate and IdentityIQ
  • Creating an SP connection to IdentityIQ in PingFederate
  • Configuring IdentityIQ for SAML-based SSO
  • Configuring SP-initiated SSO in PingOne for Enterprise
  • Configuring time synchronization between PingFederate and other servers
  • Configuring Workday SSO with PingOne for Enterprise or PingFederate
  • Enabling SCIM provisioning with AWS IAM Identity Center and PingFederate
  • Extending a PingFederate authentication session for corporate identifiers
  • Configuring the Identifier First Adapter
  • Configuring the Session Authentication Selector
  • Adding an authentication policy
  • Setting an OGNL expression
  • Federating PingOne and PingFederate
  • Configuring PingFederate
  • Creating a certificate in PingFederate and converting it to .p7b format
  • Configuring a new IdP in PingOne and downloading the IdP metadata
  • Configuring a new SP connection in PingFederate
  • Exporting the SP connection metadata in PingFederate and updating the SSO endpoint in PingOne
  • Adding the new connection to an authentication policy in PingOne
  • Testing the connection
  • Federating PingOne and Salesforce
  • Enabling the Salesforce identity provider
  • Creating an identity provider in PingOne
  • Creating a connected app in Saleforce
  • Adding the IdP to the PingOne authentication policy
  • Creating a permission set in Salesforce
  • Assigning users to the permission set
  • Signing on with your Salesforce IdP
  • Integrating CyberArk with Ping products for SSO and authentication
  • Integrating CyberArk with PingOne for Enterprise
  • Configuring a PingOne for Enterprise SAML Connection for CyberArk PVWA
  • Configuring a PingOne for Enterprise authentication policy for PingID MFA using CyberArk PVWA
  • Integrating CyberArk with PingFederate
  • Configuring a PingFederate SAML connection for CyberArk PVWA
  • Configuring a PingFederate authentication policy using PingID MFA authentication for CyberArk PVWA
  • Configuring SAML for CyberArk PVWA
  • Product integration and overview
  • Integrating PingOne with 1Password Business for SSO
  • Adding an OIDC web application
  • Configuring the new application to serve as an identity provider
  • Configuring 1Password for SSO
  • Testing the connection
  • Specifying who can use SSO to access 1Password
  • Registering Azure AD devices automatically through PingFederate for Windows 10 devices
  • Azure AD registration process
  • Preparing Azure AD for automatic device registration
  • Configuring PingFederate server
  • Controlling deployment and rollout
  • Verifying device registration status
  • Setting up PingFederate session revocation by user identifier
  • Configuring adapter settings
  • Configuring session settings
  • Configuring an OAuth client
  • Configuring an access token manager
  • Using the API
  • Setting up Microsoft Exchange 2016 Outlook Web Access (OWA) with PingFederate
  • Setting up SSO with Active Directory
  • Using Palo Alto Networks Next-Generation Firewall with Ping products
  • Configuring SSO for GlobalProtect VPN with PingFederate
  • Exporting the SAML Metadata from PingFederate
  • Configuring a SAML Integration with PingFederate in NGFW
  • Importing the NGFW Metadata into PingFederate
  • Configuring SSO for GlobalProtect VPN with PingOne for Enterprise
  • Using the PingFederate Authentication API in a DevOps environment
  • Overview of the PingFederate Authentication API
  • Enabling the Authentication API in PingFederate
  • Enabling redirect flows for API Explorer
  • Enabling redirectless flows for Postman
  • Testing redirect flows with OAuth Playground
  • Testing redirectless flows in Postman
  • Multi-Factor Authentication
  • Adding multi-factor authentication to secure apps (PingID with PingAccess)
  • Creating a SAML authentication policy contract
  • Creating an authentication selector
  • Creating an authentication policy tree
  • Adding an OAuth authentication policy mapping
  • Adding access settings and policy rules in PingAccess
  • Configuring offline MFA with PingID
  • Configuring PingFederate for MFA-only VPN
  • Creating a datastore connection
  • Configuring an Identifier First Adapter
  • Configuring a PingID Adapter
  • Configuring an authentication policy
  • Configuring PingOne for Amazon Alexa account linking
  • Integrating MFA with SSO (PingID with PingFederate)
  • Securing your VPN with MFA through PingID
  • Enabling PingID for VPN through the PingOne for Enterprise admin portal
  • Enabling PingID for VPN through PingFederate Bridge
  • Configuring PingID for VPN with PingFederate Bridge
  • Setting up multi-factor authentication with Ping Identity products
  • Using SAML and token exchange to federate into AWS through the AWS Command Line Interface
  • Creating a new SP connection in PingFederate
  • Downloading AWS .jar files
  • Modifying PingFederate system properties
  • Creating a token processor
  • Changing the AWS SAML connection to use WS-Trust STS
  • Writing a script to get the security token from AWS
  • Data and Application Security
  • Configuring OIDC authentication for AWS EKS clusters
  • Creating a PingOne OIDC application
  • Configuring kubectl for OIDC
  • Authenticating to EKS
  • Configuring medium-grained application access control through Azure AD, PingFederate, and PingAccess
  • Setting up Azure AD as an OIDC provider in PingFederate
  • Setting up Azure AD as an OIDC provider for PingAccess in PingFederate
  • Connecting PingFederate to PingAccess using the OIDC protocol
  • Connecting OAuth 2.0 and OpenID Connect with PingAccess
  • Configuring PingAccess to protect a web application
  • Performing final steps
  • Protecting PingAccess resources through external IdPs with PingFederate acting as an SP (leveraging FedHub)
  • Protecting PingFederate behind a gateway deployment of PingAccess
  • Exporting the PingFederate certificate that protects the runtime listener
  • Importing the certificate in PingAccess
  • Creating a PingAccess site to protect PingFederate
  • Creating a PingAccess virtual host
  • Creating a PingAccess application leveraging the site and the virtual host
  • Creating a key pair associated with the new PingFederate host name
  • Tying the newly imported key pair to the associated virtual host
  • Setting PingAccess's token provider to match the PingAccess application
  • Updating PingFederate's base URL
  • Verifying that access to PingFederate routes through PingAccess
  • Directory
  • Configuring virtual attributes in PingDirectory
  • Declaring a new attribute that is equivalent to isMemberOf
  • Declaring a new attribute in the PingData administrative console
  • Using an LDIF file to declare a new attribute type in PingDirectory
  • Creating a virtual attribute
  • Creating a virtual attribute in the PingData administrative console
  • Using the command line to create a virtual attribute in PingDirectory
  • Getting started with PingDirectory on Kubernetes
  • Developer APIs
  • Integrating PingID with PingFederate through APIs
  • Performing common administrative tasks using the PingID API with Windows PowerShell
Page created: 5 Mar 2020 |
Page updated: 28 Dec 2022
| 1 min read

Content Type How-to PingFederate Product Capability Single Sign-on (SSO)
  1. Download PingFederate.
  2. Install Pingfederate.
  3. Start PingFederate and then open the administrative console.

    The first time you open the administrative console, PingFederate guides you through the setup wizard.

  4. Familiarize yourself with the PingFederate administrative console.

    The PingFederate user interface consists of menus, windows, and tabs.

Back to home page