PingOne

PingOne Verify IdP Adapter settings reference

Field descriptions for the PingOne Verify IdP Adapter configuration screen.

Standard fields
Field Description

PingOne Environment

Select the PingOne connection you created in Connecting PingFederate to PingOne.

This field is blank by default.

PingOne Population

If a user doesn’t already exist in PingOne, the adapter provisions the user to this PingOne population.

Applies only when Provision User is selected.

This list populates after you select the PingOne Environment.

Verify Policy

The name of the verify policy you want to use.

This list populates after you select a PingOne environment.

Email Chained Attribute

The name of the incoming chanied attribute that contains the user’s email address.

The default value is mail.

Phone Chained Attribute

The name of the incoming chained attribute that contains the user’s phone number.

The default value is mobile.

Reference Image Chained Attribute

The name of the incoming chained attribute that contains the user’s reference image.

The facial comparison only verify policy requires the reference image as a base64-encoded string.

The default value is photo.

Verification URL Delivery Method

Specifies how the verification link is sent to users to begin the identity verification process.

When set to User selection, users can choose their preferred delivery method. For example, email or SMS.

The default value is User selection.

Redirect URL

The destination URL that users are directed to automatically after completing identity verification successfully.

Redirect Message

A customizable message displayed to users before they’re directed to the Redirect URL you specified.

If you configure a Redirect Message, you must configure a Redirect URL before you can save the configuration.

First Name Chained Attribute

The name of the incoming chained attribute that contains the user’s first name.

This value is compared against the first name extracted from the government ID submitted during verification to ensure they match.

If this field is left empty, record matching isn’t performed for this user attribute.

Last Name Chained Attribute

The name of the incoming chained attribute that contains the user’s last name.

This value is compared against the last name extracted from the government ID submitted during verification to ensure they match.

If this field is left empty, record matching isn’t performed for this user attribute.

Full Name Chained Attribute

The name of the incoming chained attribute that contains the user’s full name.

Required when verifying against ID types that only support full name extraction (instead of separate first and last name components).

This value is compared against the full name extracted from the government ID submitted during verification to ensure they match.

If this field is left empty, record matching isn’t performed for this user attribute.

Address Chained Attribute

The name of the incoming chained attribute that contains the user’s address.

This value is compared against the address extracted from the government ID submitted during verification to ensure they match.

If this field is left empty, record matching isn’t performed for this user attribute.

Date of Birth Chained Attribute

The name of the incoming chained attribute that contains the user’s date of birth.

Use the following format: YYYY-MM-DD.

This value is compared against the date of birth extracted from the government ID submitted during verification to ensure they match.

If this field is left empty, record matching isn’t performed for this user attribute.

Advanced fields
Field Description

Test Username

The PingOne username that the adapter uses to test the PingOne Verify connection on the Actions tab.

This field is blank by default.

HTML Template Prefix

Identifies the set of HTML templates that the adapter uses to show the authentication status or request a one-time passcode (OTP).

If you customize the template file names in the /server/default/conf/template directory, enter the new prefix here.

You can find a description of the template files in Download manifest.

The default value is pingone-verify.

Messages Files

Identifies the customizable language-pack file that the adapter uses to show messages on the templates.

If you customize the pingone-verify-messages.properties file name in the /server/default/conf/language-packs directory, enter the new name here.

The default value is pingone-verify-messages.

Error Message Key Prefix

Identifies the error messages in the language-pack file that the adapter uses to show messages on the templates.

If you customize the error message names in /server/default/conf/language-packs/pingone-verify-messages.properties, enter the new prefix here.

The default value is pingone.verify.error..

Provision User

If a user does not already exist in PingOne, the adapter provisions the user to PingOne.

This checkbox is selected by default.

Allow Verification Retries

When ID verification fails, this setting determines whether a user can try again. Your PingOne Verify configuration determines the maximum number of retry attempts.

This checkbox is cleared by default.

Reset Verification Status

Require ID verification for every authentication by resetting the user’s status.

This checkbox is cleared by default.

User Not Found Failure Mode

When a user error occurs in PingOne, this setting determines whether the adapter blocks the user’s sign-on or registration attempt.

User errors include the following:

  • User is disabled

  • User does not exist

  • User cannot be provisioned

  • The PingOne Verify service is disabled for the user

The default selection is Block user.

Service Unavailable Failure Mode

When PingOne does not respond, this setting determines whether the adapter blocks the user’s sign-on or registration attempt.

The default selection is Bypass authentication.

Show Success Screens

Determines whether the adapter shows a success page when the verification process is successful.

This checkbox is selected by default.

Show Error Screens

Determines whether the adapter shows an error page when the verification process fails and the user cannot retry.

This checkbox is selected by default.

Show Timeout Screens

Determines whether the adapter shows a "timed out" page when the verification process times out.

This checkbox is selected by default.

State Timeout

The amount of time in seconds that the adapter allows for each state of the process when waiting for a user to complete the verification process.

The default value is 1200.

The minimum value is 60.

API Request Timeout

The amount of time in milliseconds that PingFederate allows when establishing a connection with PingOne Verify or waiting for a response to a request. A value of 0 disables the timeout.

The default value is 5000.

Proxy Settings

Defines proxy settings for outbound HTTP requests.

The default value is System Defaults.

Custom Proxy Host

The proxy server host name to use when Proxy Settings is set to Custom.

This field is blank by default.

Custom Proxy Port

The proxy server port to use when Proxy Settings is set to Custom.

This field is blank by default.