Connections to PingOne
Some PingFederate plugins that access services provided by PingOne can leverage a secure connection between PingFederate and PingOne.
For example, when configuring instances of PingFederate’s PingOne MFA and PingOne Protect plugins, you can select a connection and one of the connection’s PingOne environments. You do not need to enter credentials and other connection details for each instance. Also, you do not need to update each plugin instance individually when, for example, you replace the connection’s credential.
The central element of a connection is its credential, which an administrator generates on PingOne and copies to PingFederate when they create the connection. During runtime, a PingFederate plugin instance that was configured to use the connection gets the credential and uses it to access a PingOne environment.
Administrators with access to both PingFederate and PingOne create the connection. For more information, see Creating connections to PingOne.
You can create multiple connections but most deployments require only one enabled connection. Typically, you use only one connection from a PingFederate cluster to a given PingOne organization. A single connection can be configured to provide access to multiple environments in PingOne.
Cards on PingFederate’s System → External Systems → PingOne Connections window display information about each connection to PingOne. When the card is collapsed, it shows only the connection’s name, ID, and status toggle switch. Use the toggle switch to enable and disable the connection on PingFederate.
Administrators can disable a connection on PingFederate or PingOne. Plugins can use a connection only if it is enabled on both PingFederate and PingOne. |
When a connection card is expanded, it shows more information about the connection on tabs, including the status of the main connection and the plugin connections, if any.
Tab | Description |
---|---|
Summary |
In the Summary tab’s Summary Details section, the Description and Created time come from PingFederate. The Connection ID in PingOne, Credential ID, Organization Name, and Region come from the connection credential. In the Summary tab’s Configuration section, the image shows:
|
Usage |
The Usage tab lists each plugin instance on PingFederate that is configured to use this connection. The instances are grouped by plugin category. |
Environments |
The Environments tab shows which environments on PingOne the connection is able to access. You assign environments to connections in PingOne. In PingFederate, when you configure a plugin to use a connection, you select the connection and one of its environments. |