PingFederate 6.10.1
Managing SP Connections

As an IdP, you manage connection settings to support the exchange of federation-protocol messages (SAML, WS-Federation, or WS-Trust) with an SP or STS client application at your site.

If you are configuring a new connection only for WS-Trust STS, follow the sections in this part of the manual up to and including General Information. Then turn to WS-Trust STS Configuration.

These settings include:

  • User attributes you expect to send in an SSO assertion (including STS SAML tokens).
  • User attributes that may be sent using the Attribute Query profile (if that profile is used).
  • The protocol and, for SAML, the profile you will use, including detailed security specifications (the use of digital signatures, signature verification, XML encryption, and SSL). For more information see Supported Standards in Getting Started.

To continue with the configuration, you and your connection partner must have decided this information in advance (see Federation Planning Checklist). Your federation partner must supply some connection settings and other information (see Configuration Data Exchange).

If you are configuring connections to more than one partner under SAML 2.0 specifications, or if you intend to add partners in the future, consider using Auto-Connect (see Configuring SP Auto-Connect).

If your agreement includes sending assertions containing attribute values from a local data store, then you need to define the data store during this configuration if you have not done so already (see Managing Data Stores).