Log in to your PingFederate server and obtain your full Identity Provider URL (Federation Service name + Endpoint Token Issuance URL Path), and your Identity Provider Public Key.
Get the Identity Provider URL.
- Log in to your PingFederate admin console.
- Select .
- On the Federation info tab, copy the URL within the "Base URL" field (for example, pf.testcorp.com) and paste it into a text editor.
Note: Be sure that the Federation Service URL name you enter into your text editor begins with https:// as it is required to be a secure protocol (for example, https://pf.testcorp.com.

- Open the PingFederate official documentation and copy the Single Sign-on Service (SAML 2.0) URL, then paste it into your text editor at the end of the Identity Provider URL path, so that it looks like this: https://< Federation Service name> + <SSO URL>.
Example: Both components combined would be https://pf.testcorp.com/idp/SSO.saml2 as your full Identity Provider URL.
Get the Identity Provider Public Key.
- Select .
- Locate the certificate which you will use during the LastPass Service Provider configuration and copy the certificate public key.
Important: LastPass requires an SHA-256 Fingerprint in hex format (without colons) in order to enable Ping Federate.
- Highlight and copy the entire Public Key, then paste it into your text editor.