Ping today announced that PingSTS (Preview 1) is now available as part of our early adopter program. It’s Ping’s second major product, and the brain-child of our new VP of Technology, Patrick Harding, who had a need for it at Fidelity before joining Ping. Darren Platt, former head of engineering of Securant before they were purchased by RSA Security has been leading our efforts here, and doing a wonderful job. PingSTS is a Security Token Server which effectively allows companies to centralize, much like a certificate authority, where they get SAML assertions for use in their web services and SOA initiatives. The below graphic shows how we connect the introduction of this new product, which enables app-to-app identity to our existing product, which enables user-to-browser identity.
PingSTS is an advanced WS-Trust Security Token Server. It builds upon WSS 1.0 and WS-Trust to supply a Security Token Service (STS) for identity-enabling web services. Using PingSTS, a Web Services client will be able to exchange the security token being used in the local security domain, such as a Kerberos ticket, for a SAML security token that represents the original user’s identity in other federated security domains, including those at other companies. PingSTS also allows Web Services providers to validate SAML security tokens before performing requested services.