Realty IDP to PingFederate IDP to Office Federation Gateway to SP

some notes on several sp-initated chains, mixed with idp proxying  and relaying.

To configure, ensure the realty IDP uses the desired ping federate server (with the capabilities to talk to Office with both passive and active sso protocols):


1: override the default stem of the ping federate server

2. mandatory attribute, when asserting to the Ping Federate SP connection

3. note the absence of the trailing ‘/’ (since this values is concatenated with the path given by PF on the callback,with its dynamic path components – presumably for security)

we can see the chain and assertion path here:



About home_pw

Computer Programmer who often does network administration with focus on security servers. Sometimes plays at slot machine programming.
This entry was posted in office365, pingfederate, SSO. Bookmark the permalink.