The following orchestration API endpoints support operations to read PingFederate orchestration resources.

OIDC connection orchestration

PingCentral currently only orchestrates clients, OIDC policies, and access token managers. With PingCentral, OIDC client authentication can only occur if PingFederate is correctly configured with the appropriate data sources, password credential validators, authentication policies, policy contracts, policy contract mappings, persistent grants, and access token mappings. In this version, you cannot create clients with direct adapter mappings to an IdP adapter.

SAML connection orchestration

PingCentral currently only orchestrates the PingFederate IdP connection. With PingCentral, SAML connection authentication can only occur if PingFederate is correctly configured with the appropriate data sources, password credential validators, authentication policies, and policy contracts. In this version, you cannot create connections to an IdP adapter with direct adapter mappings.

PingFederate data model details

The following sections provide a summary of the PingFederate client dependencies, client summaries, service provider connection details, and service provider connection summaries data model properties.

PingFederate client dependencies data model

Property Description
atmsJson A string that specifies the Access Token Manager JSON associated with the PingFederate client.
clientJson A string that specifies the client JSON associated with the PingFederate client.
oidcPolicyJson A string that specifies the OIDC policy JSON associated with the PingFederate client.

PingFederate client summary views data model

Property Description
items.attributes An array of strings that specifies the list of extended OIDC attributes.
items.client A string that specifies the client JSON for a client.
items.clientId A string that specifies the client ID of a client.
items.description A string that specifies the PingFederate client summary description.
items.exclusiveScopes An array of strings that specifies the list of exclusive scopes for a client.
items.grantTypes An array of strings that specifies the list of grant types for a client.
items.name A string that specifies the client name.
items.oidcPolicyName A string that specifies the name of the OIDC policy associated with a client.
items.redirectUrls An array of strings that specifies the list of redirect URIs associated with a client.
items.scopes An array of strings that specifies the list of restricted common scopes associated with a client.
items.usedByPA A boolean that specifies whether the client is associated with a web session in PingAccess.

PingFederate service provider connection details data model

Property Description
authenticationPolicyContractDetails A string that specifies the authentication policy contract details for this client connection.
authenticationPolicyContractDetails.description A string that specifies the authentication policy contract details for a PingFederate SAML SP connection.
authenticationPolicyContractDetails.id A string that specifies the ID of the authentication policy contract.
authenticationPolicyContractDetails.identityAttributeNames An array of strings that specifies the list of identity attribute names associated with the authentication policy contract.
authenticationPolicyContractDetails.name A string that specifies the name of the authentication policy contract.
authenticationPolicyContracts.description A string that specifies the authentication policy contract details for a PingFederate SAML SP connection.
authenticationPolicyContracts.id A string that specifies the ID of the authentication policy contract.
authenticationPolicyContracts.identityAttributeNames An array of strings that specifies the list of identity attribute names associated with the authentication policy contract.
authenticationPolicyContracts.name A string that specifies the name of the authentication policy contract.
connectionJson A string that specifies the connection JSON for the SAML application.

PingFederate service provider connection summary data model

Property Description
items.acsUrl A string that specifies the assertion consumer service (ACS) URL associated with a connection.
items.authenticationPolicyContractAssertionMappings An array of strings that specifies the list of authentication policy contract assertion mappings for a connection.
items.connection A string that specifies the connection JSON associated with a connection.
items.description A string that specifies the PingFederate SAML SP connection summary.
items.enabledProfiles An array of strings that specifies the list of the enabled profiles of a connection.
items.entityId A string that specifies the entity ID associated with a connection.
items.id A string that specifies the ID associated with a connection.
items.incomingBindings An array of strings that specifies the list of the incoming bindings of a connection.
items.name A string that specifies the name of a connection.
items.protocol A string that specifies the protocol of a connection (for example, SAML20).
items.spCertificate A string that specifies the service provider certificate associated with a connection.
items.type A string that specifies the type of connection (for example, SP).

Response codes

Code Message
200 Successful operation.
400 The request could not be completed.
401 You do not have access to this resource.
403 You do not have permissions or are not licensed to make this request, or your license is exceeded.
404 The requested resource was not found.