PingAccess for Azure AD is a free version of PingAccess for users of Microsoft's Azure AD that allows you to protect up to 20 applications.
The goal of this solution is to allow for greater control over the access to legacy on-premise applications through the use of PingAccess identity mapping functionality.
PingAccess for Azure AD requires a premium license for Microsoft Azure AD. For information about licensing, see Microsoft PingAccess for Azure AD documentation.
This free version includes a limited feature set that is intended to support the basic requirements for application protection using this solution. Users of PingAccess for Azure AD can upgrade to a full license that will allow the use of the full PingAccess feature set.
When your PingAccess for Azure AD license expires, access to the admin API is removed, and you are unable to configure the product. Though managed access to configured applications continues, you must upload a new license file before you can make any additional configuration changes.
PingAccess for Azure AD provides a limited feature set that may not be compatible with existing PingAccess configurations. For this reason, upgrading from an earlier full version of PingAccess to PingAccess for Azure AD is not supported.
The following table details the available functionality on each of the PingAccess versions, both in the PingAccess user interface and the API.
| Functionality | PingAccess | PingAccess for Azure AD |
|---|---|---|
| Create applications | Yes | Limited to 20 web session applications. |
| Create site authenticators | Yes | Limited to Basic and Mutual TLS. |
| Configure identity mappings | Yes | Limited to Header and JWT. |
| Create load balancing strategies | Yes | Limited to Header-Based and Round Robin. |
| Configure web sessions | Yes | Limited to web sessions with OpenID Connect (OIDC) sign-on type CODE. |
| Configure token provider | Yes | Limited to Microsoft Azure AD authentication source. |
| Export/Import configuration | Yes | Limited to configurations that includes only features permitted by license type. |
| Configure policies | Yes | No |
| Specify authentication requirements | Yes | No |
| Create and configure custom plugins using the SDK | Yes | No |
| Configure sites | Yes | Yes |
| Configure agents | Yes | Yes |
| Create virtual hosts | Yes | Yes |
| Configure unknown resource handling | Yes | Yes |
| Configure availability profiles | Yes | Yes |
| Configure HTTP request handling | Yes | Yes |
| Configure listeners | Yes | Yes |
| Configure forward proxy settings | Yes | Yes |
| Manage certificates | Yes | Yes |
| Manage key pairs | Yes | Yes |
| Configure administrator authentication | Yes | Yes |
| Configure clustering | Yes | Yes |
| Manage licenses | Yes | Yes |