Log in to your PingFederate server and obtain your full Identity Provider URL (Federation Service name + Endpoint Token Issuance URL Path), and your Identity Provider Public Key.

Get the Identity Provider URL.

1. Log in to your PingFederate admin console.
2. Select System > Server > Protocol settings.
3. On the Federation info tab, copy the URL within the "Base URL" field (for example, pf.testcorp.com) and paste it into a text editor.
   Note: Be sure that the Federation Service URL name you enter into your text editor begins with https:// as it is required to be a secure protocol (for example, https://pf.testcorp.com.

   

4. Open the PingFederate official documentation and copy the Single Sign-on Service (SAML 2.0) URL, then paste it into your text editor at the end of the Identity Provider URL path, so that it looks like this: https://< Federation Service name> + <SSO URL>.

   Example: Both components combined would be https://pf.testcorp.com/idp/SSO.saml2 as your full Identity Provider URL.

Get the Identity Provider Public Key.

5. Select Security > Signing & Decrypton Keys & Certificates.

   

6. Locate the certificate which you will use during the LastPass Service Provider configuration and copy the certificate public key.
   Important: LastPass requires an SHA-256 Fingerprint in hex format (without colons) in order to enable Ping Federate.
7. Highlight and copy the entire Public Key, then paste it into your text editor.