Managing local identity profiles
A local identity profile (LIP) is a stored user identity (PingDirectory) created and maintained by PingFederate. It provides the capability for user creation and administration, and centralizes those policies with the authentication and authorization policies already within PingFederate.
About this task
Users can enter their information during registration using a link on the HTML Login page or after successful authentication from a third-party IdP. You can configure LIPs for user registration, third-party federation (provisioned through SAML), and user profile management.
A typical customer identity and access management (CIAM) use case only requires one LIP. As needed, you can create multiple profiles to suit the needs of your organization. Using the administrative console, LIPs are defined in the Identity Policies section.
As of PingFederate 10.1, an authentication session is automatically created for a user after registration, preventing the user from having to log in again during the next single sign-on (SSO) transaction. This feature is enabled by default for all new and existing local identity profiles. However, if needed, you can disable it through the When associated with an HTML Form Adapter instance, a local identity profile provides users the option to authenticate through third-party identity providers, self-register as part of the sign-on experience, and manage their accounts through a self-service profile management page. |
Steps
-
To configure a new profile, go to Authentication → Policies → Local Identity Profiles. Click Create New Profile.
-
To modify an existing profile, select it by its name under Local Identity Profile Name.
-
To review the usage of an existing profile, click Check Usage under Action.
-
To remove an existing instance or to cancel the removal request, click Delete or Undelete under Action.