|
Key
|
Value
|
Description
|
|---|---|---|
|
SSOEnabled
|
true
|
Enable or disable the SSO feature on the server
|
|
OAuthTokenReValidInterval
|
-1
|
Time in seconds that the validity of the token will be checked with the IDP (-1 does not revalidate and uses expires_in from the Token)
|
|
OAuthTokenValidateTimeOut
|
10000
|
Time in milliseconds that Web Interface waits for a response from the OAuth server before returning the response as timed-out
|
|
AuthorizationURI
|
https://<server>:<port>/as/authorization.oauth2
|
URI for OSLC server authentication
|
|
OAuthAccessTokenURI
|
https://<server>:<port>/as/token.oauth2
|
URI for obtaining OAuth access token
Contact the PingFederate server administrator
|
|
OAuthRequestTokenURI
|
https://<server>:<port>/idp/SSO.saml2
|
URI for obtaining OAuth request token
Contact the PingFederate server administrator
|
|
OAuthAccessTokenValidatorURI
|
https://<server>:<port>/as/token.oauth2?grant_type=urn:pingidentity.com:oauth2:grant_type:validate_bearer
|
Contact the PingFederate server administrator
|
|
DomainPrefix
|
PingFederate may not return a User Domain Prefix - use this to prefix a <DomainName>\<UserName> to users returned by SSO Token
|
|
|
ClientID
|
Contact the PingFederate server administrator
|
|
|
Secret
|
Contact the PingFederate server administrator
|
|
Property
|
Value
|
|---|---|
|
OIDC:DiscoveryURI
|
https://<<server:port>>/.well-known/openid-configuration
|
|
OIDC:EndSessionURI
|
https://<<server:port>>/idp/init_logout.openid
|
|
OIDC:Scopes
|
openid profile email
WINDCHILL_READ
|