PingOne Platform APIs

PingFederate SSO Admin Permissions

Admins can SSO from PingOne into PingFederate with the following roles:

PingFederate System Admin

PingFederate System admins have the following permissions:

  • Configure partner connections and most system settings, except the management of local accounts and the handling of local keys and certificates.

  • Access to PingOne administrator console.

PingFederate Auditor

PingFederate Auditors have the following permissions:

  • View-only permissions for all administrative functions.

  • Access to PingOne administrator console.

PingFederate Crypto Admin

PingFederate Crypto admins have the following permissions:

  • Manage local keys and certificates.

  • Access to PingOne administrator console.

PingFederate Expression Admin

PingFederate Expression admins have the following permissions:

  • Configure partner connections and most system settings, except the management of local accounts and the handling of local keys and certificates.

  • Map user attributes by using the expression language, Object-Graph Navigation Language (OGNL).

  • Access to PingOne administrator console.

PingFederate User Admin

PingFederate User admins have the following permissions:

  • Create users, deactivate users, change or reset passwords, and install replacement license keys.

  • View-only permissions for all administrative functions.

  • Access to PingOne administrator console.