Defines where to put the token: in the RST (embedded) or in the Message Security Header (referenced)
STSClientConfiguration Class | com.pingidentity.Security.STS.Client Namespace