The freedom users want. The control you need.


PingFederate® is a full-featured federation server that provides identity management, web single sign-on and API security for customers, partners, and employees. Users can securely access the applications they require with a single identity using any device. Supporting all of the current identity standards including SAML, WS-Federation, WS-Trust, OAuth and OpenID Connect, PingFederate is recognized as a leading federation product today that also future-proofs your business for tomorrow.

PingFederate provides IT organizations with the tools they require for high-integrity identity security. PingFederate allows you to keep identities and passwords where they belong while ensuring that users have access to the applications and information they need to get work done. PingFederate allows IT administrators to:

  • Centralize control over identities and authentication.
  • Standardize user provisioning and de-provisioning.
  • Monitor and audit usage for governance and compliance.
  • Develop custom administration services using extensive admin APIs.

Separate identities from apps

Allow applications to leverage a single identity and keep passwords where they belong.

Reduce password risk

Eliminate multiple passwords and integrate multi-factor authentication for extra protection.

Centralize control

Provide a single interface for web SSO, access management and user provisioning.

Gain valuable insights

Monitor SSO performance metrics, traffic, and compliance from a single system.

With PingFederate, you can:

  • Integrate with your existing identity stores, cloud directories or social identity providers.
  • Make access decisions based on device, location, time of day or other contextual data.
  • Augment authentication data with information from disparate data stores or identity systems.
  • Use complex rules to make access decisions based on identity attributes, group memberships or authentication methods.
  • Protect both your web applications and APIs with standard protocols like SAML, OAuth and OpenID Connect.
  • Provide advanced federation protocol aggregation and translation.

PingFederate includes rich integration components for identity stores like Active Directory and LDAP, web access management systems and multi-factor authentication systems like PingID®. PingFederate also provides simple REST APIs that authentication and service applications can leverage for user authentication, provisioning and secure single sign-on. PingFederate integrates with:

  • Microsoft IIS and Apache HTTP Server.
  • .NET, Java, PHP, Perl, Python and other development languages.
  • IBM WebSphere, Oracle Weblogic, Apache Tomcat.
  • CA Siteminder, Oracle Access Manager, Tivoli Access Manager, SAP Netweaver.
  • Active Directory, Azure AD, LDAP, RADIUS, x.509.
  • PingID™, RSA SecurID, Symantec VIP, Google Authenticator.
  • PeopleSoft, ADP, Microsoft Dynamics and other commercial applications.
  • Amazon Web Services, Citrix XenApp and other virtualization platforms.
  • Thousands of SaaS applications.

Whether implementing in your datacenter or on an infrastructure as a service (IaaS) such as Amazon Web Services, PingFederate is uniquely able to connect private cloud environments with public cloud, multi-tenant apps like Salesforce, Dropbox and Office 365. Integrating PingAccess with PingFederate allows you to extend this standards-based identity security to your own web application and APIs at a very large scale, simply and reliably.