PingFederate version 10.0 included the welcome addition of bulk configuration import and export using the Administrative API. This enhancement was gratefully received and more closely aligns PingFederate with the JSON configuration archive functionality we are familiar with in PingAccess. It also provides new opportunities for the migration of configuration between environments. However, challenges remain as a bulk export can be unwieldy and difficult to manage. Thankfully we can solve this with ProofID ConfigMigrator.
ConfigMigrator can be used for the import and export of configuration in PingFederate and PingAccess. It works by importing or exporting JSON documents, as you would see when using the administrative REST APIs. This configuration can then be variablised, allowing for easy deployment to multiple environments. For example, an OAuth client could be added for different instances of a service by providing variables for attributes such as the client ID and redirect URI:
In a recent engagement with a client in the financial sector, ProoflD ConfigMigrator was used to automate the deployment of configuration through the route to live. As a Java command line application, it was easily introduced into the existing DevOps landscape and allowed for the same PingFederate and PingAccess configuration to be deployed to eight different environments. By using ConfigMigrator, a large quantity of configuration could be deployed in a fraction of the time it would take to add manually. Intricate configuration such as applying policies within PingAccess or mappings in PingFederate could be automated, removing the possibility of human error.
Written by, Ben Andrews – Consultant, Managed Services
Beginning his career at Hewlett Packard, Ben provided consultancy for authentication and MFA solutions to multinational defence and security companies. He now has over nine years’ experience working in various technical roles.
Since joining ProoflD six years ago, Ben has been involved in the delivery of a number of complex identity and access management solutions for household names in sectors such as banking, retail and non-profit.