PingAccess

iovation Device Risk integration

Control access to a protected PingAccess Web application or resource based on an iovation Device Risk result. The iovation Device Risk integration provides access to two new PingAccess rules:

iovation Device Risk Device Profiling rule

Enables you to gather data about the end-user’s system. This rule:

  • Must be invoked before a request that uses the iovation Device Risk Authorization rule

  • Can’t be used for POST requests

  • Only functions on requests from a top-level browsing context

iovation Device Risk Authorization rule

Enables you to allow or deny access based on Device Risk’s evaluation of the user’s system.

This rule must be invoked after the iovation Device Risk Device Profiling rule, within the time period defined by the Blackbox time to live (sec.) field.

Integration requirements

Installation requirements:

  • If you operate PingAccess in a cluster, you must install the iovation Device Risk integration on each node in the deployment.

Usage requirements:

  • Both rules require authentication, so you can only use them on protected applications and resources.

  • The rules are only applicable to PingAccess Web applications.

    Learn more about Web type applications in Application field descriptions.

Documentation scope

This guide covers the following topics: