PingFederate Server

Configuring registration options

On the Local Identity Profile page’s Registration tab, you can configure the user registration experience and specify the template file for the registration page.

Steps

  1. Go to Authentication > Policies > Local Identity Profiles > Registration.

  2. If you want to enable reCAPTCHA from Google to prevent automated registration attempts:

    1. Select the Risk Enabled checkbox.

    2. Select a Risk Provider. The default selection is Default, which is the service provider specified as the default on the CAPTCHA and Risk Providers page.

      To add a risk provider instance, click Manage CAPTCHA and Risk Providers to open the CAPTCHA and Risk Providers page. Then, follow the steps in Managing CAPTCHA and risk providers.

  3. To use a different template file, update the Registration Template field. The default value is local.identity.registration.html.

  4. To allow users to indicate whether their device is shared or private, select the Enable 'This is my device' checkbox.

  5. For PingFederate to create an authentication session after a local account is registered, leave the Create Session After Registration checkbox selected. It is selected by default.

  6. To override the value in the Unique ID field as the username that is sent to adapters in the policy, select a username in the Username Field list.

  7. If you have a policy fragment that needs to be executed as part of the workflow, select the fragment in the Registration Workflow list. Click Add Policy Fragments, if needed, to create one or more fragments.

    When you select a fragment, you can then choose whether PingFederate should execute the registration workflow before or after account creation. After Account Creation is selected by default.

    The registration fragment always executes after the user has entered their information in the registration form. There’s an implicit mapping between fields in the local identity profile (LIP), which may have been populated in the registration form, and attributes in the registration fragment input authentication policy contract (APC). Implicit mapping is a mapping that executes automatically if the name of a field in the LIP matches the name of an attribute in the APC.

    There’s also an implicit mapping between attributes in the registration fragment output APC and fields in the LIP. So, you can use the fragment to populate or overwrite the LIP fields. This works whether you configure the fragment to execute before or after account creation.

  8. Click Next.