Prerequisites and requirements
Confirm you have all prerequisites and requirements before configuring PingID integration for Azure AD.
To configure PingID integration for Azure AD, you will need:
-
An Azure AD Premium P1 subscription with administrator rights
-
A PingOne for Enterprise account with administrator rights
For more information, see Registering a PingOne for Enterprise account.
If you have users who registered with PingID prior to setting up PingID integration for Azure AD, make sure you map the username to the same attribute that your PingID users were registered with, such as the sAMAccountName
or userPrincipalName
attribute (see also Configuring PingID MFA for Microsoft Azure AD Conditional Access). If you need additional attributes to carry over from Azure AD, do not register users through the Conditional Access flow. Instead, make sure users are created with the required attributes in PingOne before going through the Conditional Access flow, such as through SSO or provisioning.
Authorization requests sent from Azure AD to PingID use the Azure AD userPrincipalName
attribute to identify the PingID user. Other attributes cannot be configured to identify the user in PingID.