PingAccess can be configured to log or suppress back-channel requests that occur duringtoken validationwith an OAuth/OpenID Connect provider such as PingFederate. These requests happen when PingAccess calls PingFederate to validate access tokens or retrieve key material.
Exact Extract from PingAccess documentation:
“Back-channel requests are logged during token validation by default. To prevent these requests from being written to the audit log, update theToken Validationsettings in PingAccess.”
This makesToken Validationthe correct location for changing the behavior without modifying application-specific configurations.
Why other options are wrong:
B. Web Sessions
Incorrect. Web Sessions control user session management and cookie handling, not back-channel token validation traffic.
C. Sites
Incorrect. Sites are the definitions of backend servers that PingAccess proxies to. This setting does not affect back-channel logging to PingFederate.
D. Token Provider
Incorrect. The Token Provider defines the OIDC/OAuth server (e.g., PingFederate) and its endpoints, but the logging of back-channel requests is not controlled here.
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit