Multiple PingOne application support

You can use a single instance of the PingOne MFA CIBA Authenticator with more than one PingOne application.

The basic authenticator configuration includes a default PingOne application ID, but the client can dynamically specify a different PingOne application with each request. The CIBA authenticator automatically checks the CIBA Request Policy for the following attributes:

Configure the CIBA client to send these attributes as part of the request to PingFederate. When the CIBA authenticator receives a valid application ID and secret, it overrides the defaults saved in the configuration.