Automation of the PingFederate engine can be managed via the PingFederate REST Administrative API. This API can be used to automate common tasks and integrate the PingFederate server into deployment and audit services.
Note: You can view and interact with the API reference documentation by pointing your web browser to:
Integrate your applications and infrastructure with PingFederate using the Java SDK. This SDK provides interfaces to integrate and extend the PingFederate SSO engine.
PingFederate provides integration kits to make that "first-mile" and "last-mile" connection to your application. Integrate via code or into the web application infrastructure simply and securely.
PingFederate can be configured in a WS-Trust STS role. This allows web services clients and web service provides to use the PingFederate STS to exchange tokens for cross-domain authentication.
The STS can also be used by developers to exchange tokens in a standard manner. For example, the STS can be used to exchange an OAuth 2.0 access token for a SAML assertion, or a SAML assertion for a WAM token.
PingAccess can be completely managed via API rather than interactively through the administration console. This allows for tight integration into existing systems and automation of common tasks, actions and audits.
Note: You can view and interact with the API reference documentation by pointing your web browser to your PingAccess instance: https://[your_pa_admin_server]:[pa_admin_port]/pa-admin-api/v2/api-docs/
The PingAccess Server SDK provides Java interfaces to extend the PingAccess product by building custom Site Authenticators and Policies.
The PingAccess Agent protocol and SDK provides Java interfaces to extend the authorization policies defined in PingAccess to other clients, applications and services. The agent protocol uses the HTTP protocol to query PingAccess for authorization decisions allowing these policies to be maintained in a single location and used across multiple applications and scenarios.
The PingOne Directory provides a hosted directory service that developers can use to store user authentication and profile data. The directory interface uses the System for Cross-Domain Identity Management (SCIM) v1.1 open standard protocol. SCIM provides both a defined schema for user representation as well as a RESTful API for performing user and group CRUD actions (Create, Read, Update and Delete).
Enabling SSO into SaaS applications can be simplified by using the PingOne Application Provider Services (APS) to connect your application with the PingOne service.
APS includes a simple REST API to integrate SSO into your application and a REST management API to manage connection to your application.
The PingID API allows developers to integrate PingID authentication into their applications by providing the interface to initiate an authentication request in their code. Administrators can also leverage the user management API to manage their PingID users including registration, pairing users and devices and general admin tasks such as suspending and bypassing PingID.
PingID SDK enables developers of mobile apps on iOS or Android to include advanced MFA functionality that is on-brand and customizable within their mobile applications. The APIs provide for application integration of secure out-of-band web authentication, user registration and self-management of a network of trusted devices, and approval of transactions from trusted devices. Administrators can also leverage the user management API to manage their PingID users including registration, pairing users and devices and general admin tasks such as suspending and bypassing PingID.
The Consent Service is an HTTP-based REST API hosted by the PingDirectory Server or PingDirectory Proxy Server that collects and manages consent or user privacy settings from application users. By integrating these APIs into their applications, enterprises can promote data transparency and protection of user data. The service also helps companies address General Data Protection Regulation (GDPR) mandates.
The Directory REST API allows application developers to integrate applications more quickly with PingDirectory by using modern programming languages and popular libraries. Authorized applications can access and update any directory object using HAL+JSON encoding over predictable, internet-friendly HTTP REST APIs. The Directory REST API supports data object classes of every purpose without limit—including user profiles, groups, roles, entitlements, and device data—and also supports hierarchical collections, structured and unstructured attributes, advanced searching, and advanced attribute retrieval.
The PingDirectory SCIM API enables enterprises to manage identity information between software and SaaS products that support the SCIM standard. Administrators can connect these products to PingDirectory to support use cases like user provisioning and identity governance. The PingDirectory SCIM API is RFC-compliant for SCIM version 1.1, including support for all of the required features and most of the optional features. Notable SCIM features supported are filtering, sorting, pagination, multi-values complex attributes, and partial updates via HTTP PATCH. In order to support a common interchange format between PingDirectory and other products, administrators can map SCIM schema attributes to native directory object classes and attributes.