PingID End User Guide

Authenticating using your iPhone (Web)

This section covers the options available for authenticating using your iPhone, when accessing your account or app using a web browser.

You can authenticate using the following options:

If you have not yet paired PingID mobile app with your account, see Set up your iPhone for PingID authentication (Web).

If your organization allows you to authenticate using more than one device type, you can add a device and decide which device you want to use as your primary (default) authentication method. For more information, see Managing your devices.

Contact your organization for the defined policy and the options available to you.

Using swipe authentication for iPhone (legacy)

If you have the PingID app running on your mobile device and your organization is using swipe authentication, swipe for authentication to sign on to your resources.

About this task

Steps

  1. Sign on to your account or access an application that requires authentication.

    Result:

    The Authenticating window appears and an authentication notification request is sent to your device.

    idt1634460784329

  2. Accept the authentication notification, depending on your mobile’s notification settings:

    Choose from:

    • If your device is locked, long press the notification until it shows the option to approve or deny the request, and then tap Approve.

    • If your device is unlocked, pull down the notification until it shows the option to Approve or Deny the request, and then tap Approve.

      If configured by your organization, you’ll see a map on the notification screen, showing the location, device type, and browser used by the device attempting to accessing your account or app. This can help you identify a fraudulent authentication attempt.

A screen capture of the notification screen including a map showing the location, device type, and browser used by the accessing device, and the option to Approve or Deny the authentication request.

  • If your mobile phone is unlocked and PingID is open, swipe to authenticate.

    A screen capture of the swipe authentication screen on a mobile device

    Result:

    A green check mark appears indicating successful authentication and your access is approved. You are automatically signed on to your application.

    A screen capture of the green Authenticated message with a check mark indicating successful authentication and your access is approved.

Using biometrics authentication for iPhone (legacy)

Authenticate using your device biometrics, such as fingerprint or Face ID, with the PingIDmobile app. Authentication varies slightly depending on your phone model, phone settings, and whether your device is locked or unlocked when sending the authentication request.

Before you begin

About this task

Biometrics authentication is only available if the option is enabled by your organization.

Steps

  1. Sign on to your account or access the application that requires authentication.

    Result:

    The Authenticating window appears and an authentication notification request is sent to your device.

    hhx1634460893658

  2. Accept the authentication notification, depending on your mobile’s notification settings:

    Choose from:

    • If your device is locked, long press the notification until it shows the option to approve or deny the request, and then tap Approve.

    • If your device is unlocked, pull down the notification until it shows the option to Approve or Deny the request, and then tap Approve.

      If configured by your organization, you’ll see a map on the notification screen, showing the location, device type, and browser used by the device attempting to accessing your account or app. This can help you identify a fraudulent authentication attempt.

    • If your mobile phone is unlocked and PingID is open, you’ll be prompted to authenticate with your biometrics.

    • Face ID: Tap the message asking you to authorize scanning with Face ID, if prompted, or your face is scanned automatically.

    • Fingerprint: To scan your fingerprint, touch the Home button lightly.

    ckb1639404511342

  3. You might be asked to authenticate by number matching. If so, you’ll see a number on the Authentication screen and you’ll need to open PingID mobile app, and select the same number. If you don’t see the option, skip this step.

    PingID mobile app showing a list of numbers and a message asking you to select the number that matches the number displayed in the authentication screen, or Deny the authentication request

Result

A green Authenticated message with a check mark appears, indicating successful authentication and your access is approved. You are automatically signed on to your application.

A screen capture of the green Authenticated message with a check mark indicating successful authentication and your access is approved.

Authenticating by number matching (legacy)

You might be asked to authenticate by selecting the number in PingID mobile app that matches the number displayed on the authenticating screen.

Before you begin

  • To authenticate using number matching, you need PingID mobile app 1.34 or later.

About this task

Animation showing number matching authentication

Steps

  1. Sign in to your account, or access the application that requires authentication.

    If your device supports biometrics authentication, you might be asked to authenticate using your biometrics before you are asked to authenticate by number matching.

    Result:

    The Authentication window displays a number, and a message asking you to select the same number in PingID mobile app.

    PingID authenticator window showing a number, and instructing you to select the same number in  PingID mobile app to complete authentication

  2. Open PingID mobile app and select the number that matches the number shown on the Authentication screen.

    PingID mobile app displaying a list of numbers, and a message asking you to select the same number that is displayed on the Authentication screen. At the end of the list is the Deny button. 

    Result:

    A green check mark appears indicating successful authentication and your access is approved. You are automatically signed on to your application.

    A screen capture of the green Authenticated message with a check mark indicating successful authentication and your access is approved.

Authenticating with PingID using a one-time passcode (legacy)

If you do not have internet access and cannot authenticate online, use the PingID mobile app to generate a one-time passcode (OTP) for you to authenticate with to access your account and applications.

About this task

Depending on your organization policy, you can either authenticate immediately using an OTP, or you need to wait for the push notification request to timeout before you are able to enter the OTP.

An image showing the process of using the PingID generated one-time passcode received on a mobile device to sign on and authenticate for access to your account and applications on a desktop.

Each time you launch the PingID app, PingID generates a new passcode. Each passcode is unique and can only be used one time. For authentication, use the OTP that appears on your device at the time you are signing on to your account.

You can only view and use the OTP if it is enabled by your organization.

Steps

  1. Sign on to your account or app.

    Result:

    The Authenticating on…​ window appears.

    Authenticating screen, showing an authentication request has been sent to your phone, and the system is awaiting a response. The Use Code button and the Change Device button is also shown.

  2. In the Authentication window either:

    Choose from:

    • Click Use Code

    • Wait until the push notification timeout occurs.

      Result:

      You are prompted to enter an OTP.

    A screen capture of the Authentication window requesting the one-time passcode entry to use to authenticate.

  3. On your mobile device, open the PingID app to view the current OTP.

    A screen capture of the One-Time Passcode screen displaying the one-time passcode on the PingID mobile app with the New Passcode option.

    • The OTP refreshes each time you open the PingID app. To generate a new one-time passcode, tap New Passcode.

    • When opening PingID mobile app, update your location permissions to Allow all the time, if prompted to do so.

  4. In the Authentication window, enter the OTP into the passcode field. Click Sign On.

    If you receive a push notification on your mobile device before signing on using the OTP, you can still approve the authentication request using swipe or biometrics.

Result

A green Authenticated message with a check mark appears, indicating authentication is successful and your access is approved.

Authenticating using your Apple Watch

You can authenticate with PingID mobile app using your Apple watch.

About this task

If you have an Apple Watch paired with your iPhone, the PingID mobile app automatically presents the Approve or Deny authentication notification on the Apple Watch, in parallel with your iPhone, so you can authenticate without taking your iPhone out of your pocket.

You do not need to install the PingID app on your Apple watch to receive notifications. However, if you do install the app on your watch, you can also access a one-time passcode (OTP) from the app on your Apple watch.

Steps

  1. If your mobile device is inactive and your Apple Watch is on your wrist, when you sign on, a notification appears on your Apple Watch, as well as your mobile device.Swipe up to view the message, and then tap Approve.

    Apple Watch showing thePingID mobile app Approve and Deny buttons.

  2. If you see three numbers displayed on your Apple Watch, your company also requires you to authenticate by number matching. If so, to complete authentication, select the number on your Apple watch that matches the number displayed on the Authentication screen.

Result

You’ll see the green checkmark, indicating authentication is successful and you’re signed in to your account.

Enabling and disabling passcodes on your Apple watch

Enable the use of PingID one-time passcodes (OTPs) on your Apple watch.

About this task

If you have installed the PingID app on your device, the PingID Apple Watch app is automatically installed on your watch and you will start receiving notifications to your watch. You can also open the PingID app on your watch to receive a one-time passcode (OTP). If the Apple watch app is disabled, you will not be able to access a one-time passcode from your watch.

The Apple watch only receives notifications when your mobile device is locked, and the mobile device screen is in sleep mode.

Steps

  1. On your iPhone, tap the Watch app, and then tap PingID.

  2. To enable or disable the app on your Apple watch, tap Show App on Apple Watch.

    Result:

    The PingID app is installed on your Apple watch, and the PingID icon appears.

  3. To view the current one-time passcode, on your Apple watch, tap the PingID icon.

    Screen capture of an Apple watch displaying a one-time passcode.

  4. (Optional) To get a new passcode, tap Refresh.

Authenticating with PingID manually (legacy)

When you sign on to your account using a web browser, you might be asked to authenticate manually through the PingID mobile app.

You will not be asked to authenticate manually often, but be aware that authenticating manually is different than the normal sign on process.

Authenticating manually to access resources on your computer (legacy)

When you sign on to your account using a web browser, you might be asked to authenticate manually through the PingID mobile app.

Before you begin

To authenticate manually to access resources on your computer, you need:

  • A device with the PingID mobile app 1.8 or later that is already paired with your account and with which you have successfully authenticated at least once.

  • A working camera on your device with the PingID mobile app camera permissions set to Approve. See PingID mobile app management.

About this task

You will not be asked to do this very often, but be aware that authenticating manually differs from the normal sign on process. brightcove::2DBsmx9[start='34s', autoplay=true, accountID="771836189001", width=768, height=432]

You cannot sign on to your account from a web browser that is located on the same device that you use to authenticate, unless it is a mobile device that is paired with the PingID mobile app. If you are trying to access resources on your mobile device, see Authenticating manually to access resources on your mobile device (legacy).

Steps

  1. Sign on to your account, or access the application that requires authentication.

    If you have more than one device paired with your account, you’ll see a list of your devices. Select the device you want to use to authenticate.

    Result:

    A Manual Authentication message appears, requesting that you manually authenticate.

    A screen capture of the Manual Authentication message requesting you to manually authenticate with the Authenticating On information and the Next option.

  2. Click Next.

    Result:

    A Manual Authentication message appears, displays a QR code, and requests that you authenticate manually.

    A screen capture of the Maunal Authentication message.

  3. From your mobile device, open the PingID app.

  4. Tap the Gear icon (pju1564020549262 ) and select Manual Auth.

    A screen capture of the PingID mobile app menu with Manual Auth selected.
    Result:

    If required, authenticate with your device biometrics. The QR code scanner for manual authentication opens.

  5. Use your mobile to scan the QR code displayed on the Manual Authentication screen.

    A screen capture of the QR code scanner using the PingID mobile app.
    Result:

    You receive an Authentication Code.

    A screen capture of the Authentication Code with the Done option.

  6. Enter the Authentication Code into your web browser. Click Sign on.

Result

You are successfully authenticated and automatically signed on to your account.

Authenticating manually to access resources on your mobile device (legacy)

When you sign on to your account using a web browser, you might be asked to authenticate manually using the PingID mobile app.

Before you begin

To authenticate manually from your mobile device to access resources on the same device, you need:

  • A device with PingID mobile app 1.8.4 or later, that is already paired with your account and with which you have successfully authenticated at least once.

About this task

You will not be asked to authenticate manually often, but be aware that authenticating manually is slightly different than the normal sign on process.

Steps

  1. From a mobile device that is paired with PingID, open a browser window and sign on to your account, or access the application that requires authentication.

    If you have more than one device paired with your account, a list of all your currently paired devices appears. Select the device you want to use to authenticate.

    Result:

    A Manual Authentication message appears with the Authenticating On section and the Next option.

    A screen capture of the Manual Authentication message requesting that you authenticate manually and displaying the devices paired to your account.

  2. Click Next.

    A screen capture of the Manual Authentication message requesting you to use a QR code to manually authenticate.

    If you are trying to access resources on a device that is not your authenticating device, such as a different mobile device or an iPad that is not paired with PingID, click Use QR Code, and follow the steps outlined in Authenticating manually to access resources on your computer (legacy).
    Result:

    A Manual Authentication message appears.

  3. Tap Authenticate, and authenticate with your device biometrics, if required.

    Result:

    PingID mobile app opens automatically, and you receive an Authentication Code.

    A screen capture of the Authentication Code.

  4. Tap Copy, and then return to your web browser.

  5. In the web browser, tap the Authentication Code field and paste the code into the field. Click Sign on.

A screen capture of the Manual Authneication window with the Authentication Code field with an entry and the Sign On button.

Result

You are successfully authenticated and signed on to your account or app.