Ping Identity helped us configure the connection between our Ping Federate server and Office 365 – for both active and passive protocols. Using the same exact server, we modified our little client to talk to the same ping federate server over ws-trust seeking a bearer assertion to present to our own “emulation” of Office 365. The (very quick, proof of concept) modifications are shown above. They are (1) include the saml1.1 handler, and ignore audience issues. Also, ignore cert/issuer-name errors, for now.
The modifications to the client are trivial:
The result in the string service are what you’d expect:
Ping Federate’s logs indicate a response format with the following statements:-