Device Profile Collector node
The Device Profile Collector node collects metadata about the user’s device,
and optionally the device location, by sending a DeviceProfileCallback to the client application.
Learn more in DeviceProfileCallback.
The amount and type of data collected depends on whether you’re using the Ping SDKs or not.
- Without the SDKs (browser-only collection)
-
If you aren’t using the Ping SDKs, the device details are limited to those collected by the web browser.
Examples of collected data include:
-
User-agent string
-
Screen resolution and color depth
-
Browser language and timezone
-
A unique identifier generated from HTML5 canvas fingerprinting
-
- With the SDKs
-
The Ping SDKs have built-in support for device-profiling nodes, which lets you collect richer device information.
When the client application uses the Ping SDKs, the SDK intercepts the
DeviceProfileCallbackand collects additional device information.In addition to the data available from the web browser, the SDKs can collect the following types of information:
-
Hardware: Device manufacturer, model, CPU architecture, and memory.
-
Operating System: OS version, build number, and kernel version.
-
Security: Whether the device is rooted or jailbroken, and the status of disk encryption.
-
Network: IP address and MAC address of network interfaces.
-
|
It is up to you what information you collect from users and devices. Always use data responsibly and provide your users with appropriate control over data they share with you. You are responsible for complying with any regulations or data protection laws. |
Use this node with the Device Profile Save node to create a trusted profile from the collected data. You can use the trusted device profile in subsequent authentication attempts; for example, with the Device Match node and Device Location Match node.
Compatibility
| Product | Compatible? |
|---|---|
PingOne Advanced Identity Cloud |
|
ForgeRock Access Management (self-managed) |
|
Ping Identity Platform (self-managed) |
Properties
| Property | Usage |
|---|---|
Maximum Profile Size (KB) |
Specifies the maximum accepted size, in kilobytes, of a device profile. If the collected profile data exceeds this size, authentication fails. Default: |
Collect Device Metadata |
Specifies whether device metadata is requested. |
Collect Device Location |
Specifies whether device location is requested. |
Message |
Specifies an optional message to display to the user while the node collects the requested data. You can provide the message in multiple languages by specifying the locale in the The locale selected for display is based on the user’s locale settings in their browser. Messages provided in the node override the defaults provided by AM. |
Outputs
The node writes the device metadata to the forgeRock.device.profile shared state object if the Collect Device Metadata option is selected.
The device metadata includes the device name.
This is either obtained from the shared state if available or is derived from the platform being used.
For example Mac (Browser) is the device name given when the device is a web browser on the Mac operating system.
If the Collect Device Location option is also selected and the user consents,
the device location details are included in this object under the location attribute.
In addition to the collected metadata, the shared state includes an identifier,
which uniquely identifies the device through the journey.