Use the GET /idp/spConnections/{{spConnectionId}}/credentials/signingSettings endpoint to retrieve the service provider connection signature settings.

Path parameters

Parameter Value Description
spConnectionId string(required) ID of the SP Connection.

Status codes

Code Reason
200 Success.
403 PingFederate does not have its IdP role enabled. Operation not available.
404 Resource not found.

SigningSettings - Settings related to signing messages sent to this partner.

Property Type Description
algorithm string The algorithm used to sign messages sent to this partner. The default is SHA1withDSA for DSA certs, SHA256withRSA for RSA certs, and SHA256withECDSA for EC certs. For RSA certs, SHA1withRSA, SHA384withRSA, and SHA512withRSA are also supported. For EC certs, SHA384withECDSA and SHA512withECDSA are also supported. If the connection is WS-Federation with JWT token type, then the possible values are RSA SHA256, RSA SHA384, RSA SHA512, ECDSA SHA256, ECDSA SHA384, ECDSA SHA512
includeCertInSignature boolean Determines whether the signing certificate is included in the signature element.
includeRawKeyInSignature boolean Determines whether the element with the raw public key is included in the signature element.
signingKeyPairRef * ResourceLink The ID of the key pair used to sign messages sent to this partner. The ID of the key pair is also known as the alias and can be found by viewing the corresponding certificate under ‘Signing & Decryption Keys & Certificates’ in the PingFederate admin console.

ResourceLink - A reference to a resource.

Property Type Description
id * string The ID of the resource.
location string A read-only URL that references the resource. If the resource is not currently URL-accessible, this property will be null.