Validating third party PingFederate access tokens

We are currently using the for simple authentication across our platform i.e. users we store information about login and use our platform (this is working great).

However, we want to be able to enable one of our clients to integrate/call on of our APIs using user accounts they have already setup in their PingFederate. So the theory is we basically just validate their token and if it’s valid send back the data and if not send back a not authorised response.

Is this best done by creating a PingFederate SSO connection in the dashboard and then we call Auth0 from our API to validate the token? Or is it better to not use Auth0 and call straight to their PingFederate (I would rather go through our Auth0 if possible).

That should say "we are currently using Auth0"at the beginning but I can’t seem to edit the main text!

Hey there!

Sorry for such a delayed response! We’re doing our best in providing you with the best developer support experience out there but sometimes our bandwidth is just not enough for all the questions coming in. Sorry for the inconvenience!

Can you let us know if you still require further assistance from us?