Updating a PingID account to use PingOne FIDO2 policy for Passkey support
If you have a PingID account that has been integrated with PingOne you can update it to support the FIDO2 authentication method. This allows you to benefit from the full range of options in the enhanced FIDO2 policy.
Before you begin
The FIDO2 authentication method is only available for PingID accounts that have been integrated into a PingOne environment.
About this task
The FIDO2 authentication method replaces the deprecated FIDO biometrics and security key authentication methods and offers expanded configuration options and support for a wide range of FIDO authentication devices, including cloud-synced FIDO devices.
If you have already integrated your PingID account with a PingOne environment, update it to use the enhanced FIDO2 policy.
|
Steps
-
Sign on to the Admin portal and go to Setup → PingID → Configuration
Result:
After your PingID account is successfully integrated into a PingOne environment in the Alternate Authentication Methods section, you’ll see a new entry for the FIDO2 authentication method.
-
In the Alternate Authentication Methods section, in the FIDO2 row, make sure the Enable and Pairing check boxes are selected.
If you previously enabled Security Key or FIDO2 Biometrics authentication methods, those options are greyed out. These authentication options are removed and become legacy when you save the configuration changes.
-
Click Save. You’ll see the following warning message:
Result
All Security Key or FIDO2 Biometrics authentication methods and associated configurations are upgraded to the FIDO2 authentication method.
In PingOne, the FIDO2 policy shows the full range of options available, as well as the default Passkey and Security Key policies. To learn more about FIDO2 policy configuration, see Creating a FIDO policy in the PingOne Cloud Platform documentation.