PingID Administration Guide

Introduction to PingID

PingID is a cloud-based authentication service that binds user identities to mobile devices.

During the PingID authentication process, the PingID service sends an authentication request to the user’s mobile device. No password response is required: the user just swipes to authenticate.

You can use PingID for any of these solutions:

PingOne SSO

Use PingID as a secondary authentication solution for PingOne single sign-on (SSO) in the cloud. A PingOne administrator can enable PingID in minutes.

PingFederate SSO

Use PingID as either a secondary or primary authentication solution for federated SSO through PingFederate. A PingFederate administrator can install and configure a PingID adapter that negotiates with the PingID service.

VPNs

Use PingFederate and PingID for multi-factor authentication (MFA) from your VPN. This solution uses PingFederate with a password credential validator (PCV) for PingID for identity access management, and PingOne for user management. You need only a few additional settings to enable PingID authentication for your VPN.

Passwordless authentication
  • Use PingID with biometrics or a security key to provide passwordless authentication for Web authentication through PingFederate.

  • Use PingID mobile application to provide passwordless authentication for Windows login.

You can configure your SSO infrastructure for PingID authentication to:

  • Use primary authentication only for SSO to PingOne, and then use PingID as secondary authentication whenever a user attempts to access certain applications.

  • Use PingID when a user is outside of your organization’s intranet.

  • Use PingID only for customers that use SSO to connect to your Managed Service Provider (MSP) account on PingOne.

  • Use the PingID API and PingID client integration settings to integrate PingID with your VPN or remote access system and authenticate remote SSO.

PingID is a service that runs on the PingOne platform, a mobile app for Apple® iOS or Google Android™ devices, and an adapter and PCV for PingFederate. These components work together to provide a secure means of authentication for members of your organization, partners, or customers.

If you have a PingOne SSO account, PingID is ready for you to use. To use the PingID service solely for PingFederate federated SSO, SSO through your VPN, or for custom client integrations, you need to register for the PingID Enterprise service with PingOne. You configure and manage the PingID service using the PingOne admin portal.

Try PingID for free and see the value it can bring to your organization. For more information, see Starting a PingOne trial.

Consider the security guidelines outlined in the PingID Hardening Guide ​when configuring your implementation of PingID. For more information, see PingID Security Hardening Guide.

An image of the PingID desktop sign-on workflow.

Your PingID setup depends on your SSO infrastructure. For more information, see: