Hi,
A little more information. We are able to interface with PingFederate STS endpoint.
Pretty simple in fact, too bad there is lack of CA documentation on how to interface with major players in town...
On the Ping, have a profile being created for your API Gateway (will be used in RST SOAP Issue Request as for "AppliesTo" field).
- 1st assertion build the SOAP request skeleton (Type: Issue, Issuer being the Ping STS endpoint, AppliesTo described above).
- 2nd assertion basically adds username+password (Check Include Password, Include Created, BinarySecToken).
- 3rd apply the 2nd and encapsulate it in a wssec (check Remove and recreate, Use MustUnderstand, Omit actor, Apply WS-Security, Use default Certificate).
- last one actually route the request to the PingFederate STS endpoint (method POST, request src = requestBuilder.rstRequest).
Now, should be pretty easy to integrate it into let's say "OTK Client authentication". Still in WIP here.