--- title: iovation Device Risk integration description: Control access to a protected PingAccess Web application or resource based on an iovation Device Risk result. The iovation Device Risk integration provides access to two new PingAccess rules: component: pingaccess version: 9.0 page_id: pingaccess:agents_and_integrations:pa_iovation_device_risk_integration canonical_url: https://docs.pingidentity.com/pingaccess/9.0/agents_and_integrations/pa_iovation_device_risk_integration.html revdate: July 28, 2025 section_ids: integration-requirements: Integration requirements documentation-scope: Documentation scope --- # iovation Device Risk integration Control access to a protected PingAccess **Web** application or resource based on an iovation Device Risk result. The iovation Device Risk integration provides access to two new PingAccess rules: * iovation Device Risk Device Profiling rule Enables you to gather data about the end-user's system. This rule: * Must be invoked before a request that uses the iovation Device Risk Authorization rule * Can't be used for POST requests * Only functions on requests from a top-level browsing context * iovation Device Risk Authorization rule Enables you to allow or deny access based on Device Risk's evaluation of the user's system. | | | | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | This rule must be invoked after the iovation Device Risk Device Profiling rule, within the time period defined by the **Blackbox time to live (sec.)** field. | ## Integration requirements Installation requirements: * If you operate PingAccess in a cluster, you must install the iovation Device Risk integration on each node in the deployment. Usage requirements: * Both rules require authentication, so you can only use them on protected applications and resources. * The rules are only applicable to PingAccess **Web** applications. Learn more about **Web** type applications in [Application field descriptions](../pingaccess_user_interface_reference_guide/pa_application_field_descriptions.html). ## Documentation scope This guide covers the following topics: * [Installing the iovation Device Risk Integration Kit](pa_installing_the_iovation_device_risk_integration.html): Configure PingAccess for integration with iovation Device Risk. * [Creating iovation Device Risk device profiling rules](pa_creating_iovation_device_risk_profiling_rules.html): Use iovation Device Risk device profiling to gather information about the end-user's system for evaluation. * [Creating iovation Device Risk authorization rules](pa_creating_iovation_device_risk_authorization_rules.html): Share device information with iovation Device Risk, request evaluation, and allow or deny access based on the returned risk result. * [Logging iovation events](pa_logging_iovation_events.html): Update the `/conf/log4j2.xml` file to enable iovation event logging. * [Improving iovation accessibility using a reverse proxy](pa_improving_iovation_accessibility.html): Use Postman to improve iovation accessibility, even for users that block third-party content, by configuring a reverse proxy to communicate with iovation.