PingCentral API Reference

Orchestration - PingFederate

The following orchestration API endpoints support operations to read PingFederate orchestration resources.

OIDC connection orchestration

PingCentral currently only orchestrates clients, OIDC policies, and access token managers. With PingCentral, OIDC client authentication can only occur if PingFederate is correctly configured with the appropriate data sources, password credential validators, authentication policies, policy contracts, policy contract mappings, persistent grants, and access token mappings. In this version, you cannot create clients with direct adapter mappings to an IdP adapter.

SAML connection orchestration

PingCentral currently only orchestrates the PingFederate IdP connection. With PingCentral, SAML connection authentication can only occur if PingFederate is correctly configured with the appropriate data sources, password credential validators, authentication policies, and policy contracts. In this version, you cannot create connections to an IdP adapter with direct adapter mappings.

PingFederate data model details

The following sections provide a summary of the PingFederate client dependencies, client summaries, service provider connection details, and service provider connection summaries data model properties.

PingFederate client dependencies data model

Property Description

atmsJson

A string that specifies the Access Token Manager JSON associated with the PingFederate client.

clientJson

A string that specifies the client JSON associated with the PingFederate client.

oidcPolicyJson

A string that specifies the OIDC policy JSON associated with the PingFederate client.

PingFederate client summary views data model

Property Description

items.attributes

An array of strings that specifies the list of extended OIDC attributes.

items.client

A string that specifies the client JSON for a client.

items.clientId

A string that specifies the client ID of a client.

items.description

A string that specifies the PingFederate client summary description.

items.exclusiveScopes

An array of strings that specifies the list of exclusive scopes for a client.

items.grantTypes

An array of strings that specifies the list of grant types for a client.

items.name

A string that specifies the client name.

items.oidcPolicyName

A string that specifies the name of the OIDC policy associated with a client.

items.redirectUrls

An array of strings that specifies the list of redirect URIs associated with a client.

items.scopes

An array of strings that specifies the list of restricted common scopes associated with a client.

items.usedByPA

A boolean that specifies whether the client is associated with a web session in PingAccess.

PingFederate service provider connection details data model

Property Description

authenticationPolicyContractDetails

A string that specifies the authentication policy contract details for this client connection.

authenticationPolicyContractDetails.description

A string that specifies the authentication policy contract details for a PingFederate SAML SP connection.

authenticationPolicyContractDetails.id

A string that specifies the ID of the authentication policy contract.

authenticationPolicyContractDetails.identityAttributeNames

An array of strings that specifies the list of identity attribute names associated with the authentication policy contract.

authenticationPolicyContractDetails.name

A string that specifies the name of the authentication policy contract.

authenticationPolicyContracts.description

A string that specifies the authentication policy contract details for a PingFederate SAML SP connection.

authenticationPolicyContracts.id

A string that specifies the ID of the authentication policy contract.

authenticationPolicyContracts.identityAttributeNames

An array of strings that specifies the list of identity attribute names associated with the authentication policy contract.

authenticationPolicyContracts.name

A string that specifies the name of the authentication policy contract.

connectionJson

A string that specifies the connection JSON for the SAML application.

PingFederate service provider connection summary data model

Property Description

items.acsUrl

A string that specifies the assertion consumer service (ACS) URL associated with a connection.

items.authenticationPolicyContractAssertionMappings

An array of strings that specifies the list of authentication policy contract assertion mappings for a connection.

items.connection

A string that specifies the connection JSON associated with a connection.

items.description

A string that specifies the PingFederate SAML SP connection summary.

items.enabledProfiles

An array of strings that specifies the list of the enabled profiles of a connection.

items.entityId

A string that specifies the entity ID associated with a connection.

items.id

A string that specifies the ID associated with a connection.

items.incomingBindings

An array of strings that specifies the list of the incoming bindings of a connection.

items.name

A string that specifies the name of a connection.

items.protocol

A string that specifies the protocol of a connection (for example, SAML20).

items.spCertificate

A string that specifies the service provider certificate associated with a connection.

items.type

A string that specifies the type of connection (for example, SP).

Response codes

Code Message

200

Successful operation.

400

The request could not be completed.

401

You do not have access to this resource.

403

You do not have permissions or are not licensed to make this request, or your license is exceeded.

404

The requested resource was not found.