PingAccess self-service
PingAccess is an identity-enabled access management product that protects web applications and APIs by applying security policies to client requests. You can connect to PingAccess directly from the platform and complete a variety of tasks, which are listed and described below.
To connect to PingAccess through the portal, click the expandable icon associated with the environment and select the appropriate PingAccess link.
In PingAccess, you can:
-
Applications represent the protected web applications and APIs to which client requests are sent. Applications are composed of one or more resources and have a common virtual host and context root, and correspond to a single target site. Applications can be protected by PingAccess Gateway or PingAccess Agent. In a gateway deployment, the target application is specified as a Site. In an agent deployment, the application destination is an Agent.
-
Manage authentication requirements
Authentication requirements are policies that dictate how users must authenticate before access is granted to protected web applications. Authentication methods are string values and ordered in a list by preference. At runtime, the type of authentication attempted is determined by the order of the authentication methods.
-
Identity mappings make user attributes available to backend sites that use them for authentication. There are multiple types of identity mappings, each with different behavior and a distinct set of fields to specify the identity mapping behavior.
-
Rules are the building blocks for access control and request processing. There are many types of rules, each with different behavior and a distinct set of fields to specify the rule behavior. Rule sets allow you to group multiple rules into re-usable sets, which can be applied to applications and resources. Rule set groups can contain rule sets or other rule set groups, allowing the creation of hierarchies of rules to any level of depth. Rule sets and rule set groups can be applied to applications and resources, as required.
-
Web sessions define the policy for web application session creation, lifetime, timeouts, and scope. Multiple web sessions can be configured to scope the session to meet the needs of a target set of applications. This strategy improves the security model of the session, as it prevents unrelated applications from impersonating an end user.