PingID Administration Guide

Pre-populating or restricting user registration data

For SMS, voice, and email authentication, you can pre-populate or restrict registration to corporate information that is already defined in your organization’s user directory.

About this task

These configurations are applied during initial registration and during the registration of additional devices if you have enabled multiple-device capability.

Pre-Populate

When registering for PingID, the email, SMS, or voice field is pre-populated with the information defined in your user directory. The user can edit the information or replace it with a different address or phone number.

Restrict

When registering for PingID, the email, SMS, or voice field is pre-populated with the information defined in your user directory. The information is read-only and cannot be edited by the end user. If information in the user directory is missing or invalid for a specific device type, the user is not presented with the option to register with that device.

Applying the Restrict option to an authentication method removes that method when pairing with PingID SSH, VPN, and Windows login integrations, as well as for local users.

Information must be saved to your user directory in Google Library format, which specifies that all phone numbers must include "+" and the international country code. No manipulation or validation is performed when information is extracted from the user directory. For example, if a phone number is not stored in an international format, a prefix is not added, which might cause an error when trying to continue the registration flow. For information about configuring attributes in your user directory, see Configuring the phone number attribute in PingOne and Configuring LDAP attributes in PingFederate.

When PingID is integrated with PingFederate as the identity provider (IdP), confirm that the attribute names under Setup → Dock → Configuration → Attribute Mapping that are passed to PingFederate exist and match the required SAML message attribute names.

Steps

  1. Sign on to the PingID admin portal and go to Setup → PingID → Configuration.

  2. In the Authentication section, go to the Alternate Authentication Methods section.

    A screen capture of the Alternate Authentication Methods section.
  3. In the Enable column, ensure that the relevant authentication methods are selected. Configure the authentication methods as described in the following table.

    Choice Description

    Pre-Populate

    To pre-populate the user entry field with the SMS or voice numbers stored in your user directory when registering for PingID, in the relevant row, select the Pre-Populate check box.

    Restrict

    To restrict the user to select only the SMS or voice phone numbers stored in your user directory when registering for PingID, in the relevant row, select the Restrict check box.

  4. Click Save.