Configuring the PingID enrollment settings
Customize the PingID enrollment experience.
Steps
-
Sign on to the admin console.
-
Go to Setup → PingID → Configuration.
-
In the Enrollment section:
-
In the Mandatory Enrollment Date field, select a final date for your users to enroll for the PingID service.
Before this date, users can click Not Now to skip the enrollment process and still sign on to the service. After this date, the Not Now button is not available. Users must first enroll in PingID to sign on.
Entering a past date will force users to enroll with PingID upon first sign on.
-
In the Self-Enrollment During Authentication section, permit or disable end-user self-enrollment for all PingID services on their first authentication.
The default selection is Enabled. This option allows the organization to implement customized business logic on first authentications.
When self-enrollment is Disabled, users who are not registered for at least one authentication method will receive an error screen on their first authentication attempt and will not be able to complete authentication and self-enrollment.
To reduce confusion when disabling self-enrollment, enter an appropriate message in the Admin Message field, as shown in the following example.
New users should register at the following link: <Registration URL>. For other support issues, contact the help desk.
Before disabling self-enrollment, we recommended that you use a mechanism to trap the error status, and apply the customized logic. Develop this customization using PingID APIs. For more information, see The PingID API.
-
Enforce Policy evaluation after new device registration - this option ensures that in situations where users without a paired device attempt to access an application, the relevant authentication policies for the application will be applied in order to control access to the application after the user has successfully paired their device.
-
-
Click Save.