Where do I find PingFederate's "Relying Party"? (To be set in "AppliesTo" of the SAML RST)
I am working to understand the SAML request process using PingFederate.
I am making the SAML RST request in order to gain access to a SharePoint Online instance. PingFederate SSO is successfully set up and users must login through ping in order to get to sharepoint online.
Now I want to make a Saml RST to PingFederate STS using the Java STS SDK 1.1.
I have a working STS endpoint: https://my.ping.endpoint/sp/sts.wst And my SharepointOnline endpoint is: https://mydomain.sharepoint.com
I am trying to figure out what to use as AppliesTo in this scenario.
Definition:
The Relying Party realm the token is to be issued for.
I've tried setting it to anything we can think of. But no luck. I was fairly sure I could use: https://tenantname.sharepoint.com/_forms/default.aspx?wa=wsignin1.0 but it didn't work. I keep getting a SOAP Fault from ping STS:
Unable to determine partner SP connection by AppliesTo: http://my-AppliesTo-url-here
Is this some URL I need to get from the PingFederate admin UI? How can I find this?
Under your "SP Connection", "WS-Trust STS", "Protocol Settings" there is a place to enter the "PARTNER SERVICE IDENTIFIER (CORRESPONDS TO APPLIESTO IN RST)"
- Failed to make identity provider oauth callback: javax.net.ssl.SSLHandshakeException:
- Local user accounts not created properly in Azure AD B2C
- spring-boot-starter-oauth2-client not sending client_id to external SSO
- Unable to lookup idp connection metadata for entityid='http://sp.example.com/sp'
- PingFederate Sample IdP and SP Applications
- PingFederate : Could not obtain attributes from the IdP Authentication Service
- How to get SAML Response from Ping Federate Service provider to local server?
- What is the correct OAuth2 flow to use where user is already authenticated
- how to use azure ad to spring boot auth 2.0 application?
- Bulk insert in PingDirectotry
- Integrate a .net core solution with PingID
- Encode my access token (JWT) with my own key value pair - Android
- Meet "INTERNAL ERROR: Please contact your support." when configure SAML web SSO on WebSphere Application server
- Spring to Ping: how to configure Spring Rest Service to use External Authorization Server PingFederate
- Authenticate Angular Application to Web Api with Existing SSO using Ping Federate
- Securing Web API with Open ID Connect Access Token
- PingFederate use ognl expression to get security group
- Difference between jwt-bearer and token-exchange grant types
- OIDC - Obtaining an Identity Token for use by a backend (no actual user) service running scheduled jobs
- Using Pingfederate as an SP and Okta as IDP
- A valid SubjectConfirmation was not found on this Response, laravel and saml2
- How to Configure SSO With Oracle Smartview Using Okta Or Pingfederate?
- Redirect from CAS(PingFederate) in an OAuth auth code grant flow creating a new session on the OAuth client
- Angular Get http response header without any WebAPI call?
- Is it possible to create an Authentication Policy using the PingFederate Admin API?
- What is the proper way to handle key-secured API operations with a React front-end?
- Pingfederate kerberos authentication is authenticating any user from any domain
- When authenticating to Sharepoint online with PingFederate SSO, what should "PARTNER SERVICE IDENTIFIER" be set to?
- TransactionalStateSupport doesn't save variables
- Passing RelayState between PingFederate(IDP) OpenAM (SP) with Sp-initiated sso