Customer IAM configuration
PingFederate empowers administrators to deliver a secure and easy-to-use customer authentication, registration, and profile management solution. This solution leverages the HTML Form Adapter to offer users the options to authenticate through third-party identity providers (IdPs), self-register as part of the sign-on experience, and manage their accounts through a self-service profile management page.
Like other user-facing windows, administrators can customize and localize both the registration and profile management pages to present a consistent branding experience based on the needs of the users and the organizations.
Furthermore, administrators can allow users to leverage their existing identities from third-party identity providers. Any IdP connection or IdP adapter, such as the LinkedIn Cloud Identity Connector, can be used as an authentication source to a third-party identity provider. This optional capability enables a mapping configuration between the attributes returned by the identity provider and the fields within the registration page, streamlining the registration process.
Depending on the requirements and configuration of existing components, the configuration process might involve changes to these configuration components: authentication policy contracts, local identity profiles, HTML Form Adapter instances, and IdP authentication policies.
The HTML Form Adapter is authentication API-capable. The PingFederate authentication API is a JSON-based API that enables end-user interactions, such as credential prompts, to be handled by an external web application. This API does so by providing access to the current state of the flow as an end user steps through a PingFederate authentication policy. For more information, see Authentication applications and the authentication API. |