Financial Services

Configuring flows in DaVinci

After you configure PingOne and test the solution using the wizard, perform additional configuration in DaVinci to enable all features and make the flows available to end users.

Steps

  1. Import the solution into your initial environment:

    1. Sign on to your production DaVinci environment and click Flows.

    2. Click Add Flow > Import from JSON.

    3. Select the JSON file containing the flows.

    4. Click Import.

  2. Enter or verify the values for each company variable that’s used in the Financial Services solution.

    These variables determine whether some processes and subflows are included or excluded.

    If you plan to invoke the flow using the widget, you can pass in parameter values that override some of these variables. These parameters are described later in this procedure.

    1. Click the Variables tab.

    2. Locate a variable and click the Pencil icon.

    3. In the Value field, verify that the value is correct or enter a new value for the variable.

    4. Click Update.

    5. Repeat steps b - d for each remaining variable.

      Company variables
      Variable Description

      ciam_sessionLengthInMinute

      The maximum allowed session length for a user in the flow.

      The default value is 5 minutes.

      ciam_otpFallbackAllowed

      A Boolean indicating whether a user can fall back to a one-time passcode (OTP) if a mobile push request times out.

      The default value is true.

      ciam_requireMFA

      A Boolean that controls whether MFA is required for all users.

      The default value is true.

      ciam_resendOtpLimit

      The maximum number of times a user can resend an OTP.

      The default value is 5.

      ciam_magicLinkEnabled

      A Boolean that controls whether magic links are enabled for your end users.

      The default value is true.

      ciam_logoUrl

      The URL for the version of your company logo to display in flows.

      The default value is https://assets.pingone.com/ux/ui-library/5.0.2/images/logo-pingidentity.png.

      ciam_logoStyle

      The CSS style to use for your company logo.

      The default value is width: 65px; height:65px;.

      ciam_companyName

      The name of your company as it should be displayed in user-facing text.

      The default value is Ping Identity.

      ciam_agreementEnabled

      A Boolean that controls whether agreement is enabled in your environment.

      The default value is true.

      ciam_verificationLimit

      The maximum number of times a user can attempt to verify their email address.

      The default value is 5.

      ciam_protectAnalysisRequired

      A Boolean that controls whether PingOne Protect analysis is required.

      The default value is true.

  3. Verify the configuration of the following connectors in your environment:

    Connector Description Connector documentation

    PingOne

    Enables DaVinci to view and update PingOne user information.

    PingOne connector

    PingOne MFA

    Enables DaVinci to use the PingOne MFA service for multi-factor authentication (MFA).

    PingOne MFA connector

    PingOne Notifications

    Enables DaVinci flows to send users general communications using SMS, email, and voice message with PingOne’s notifications feature.

    PingOne Notifications connector

    PingOne Protect

    Enables DaVinci flows to perform a threat assessment of the current user through PingOne Protect.

    PingOne Protect connector

    PingOne Authorize

    Enables DaVinci flows to use PingOne Authorize for policy-based authorization decisions.

    PingOne Authorize connector

    1. On the Connectors tab, find the connector that you want to verify and go to …​ > Edit.

    2. Verify that the Environment ID, Client ID, and Region field values match your PingOne values.

    3. (Optional) Copy the Client Secret from your PingOne environment to the Client Secret field.

    4. For the PingOne Authorize connector, verify that the Endpoint matches the one found in PingOne in the Authorization > Decision Endpoints section.

    5. If you made changes to the values, click Apply.

    6. Repeat the previous steps for each remaining connector.

  4. Configure the OOTB - Financial Services - Main Flow:

    1. Click Flows.

    2. Select the OOTB - Financial Services - Main Flow and go to …​ > Edit.

    3. Click the Initialize Or Set Flow Variables node and set values for the following variables:

      Variables
      Variable Description

      p1AgreementId

      The ID of the agreement to use if your environment requires user agreement.

      p1MFAPolicyId

      The PingOne MFA policy to use.

      p1RiskPolicyIdAuthZ

      The PingOne risk policy to use for authorization.

      p1RiskPolicyIdReg

      The PingOne risk policy to use for registration.

      p1RiskPolicyIdAuthn

      The PingOne risk policy to use for authentication.

      p1RiskPolicyIdAR

      The PingOne risk policy to use for account recovery.

      flowCompanyLogo

      The company logo to use during the flow.

  5. (Optional) If you plan to use a mobile application, configure the OOTB - Financial Services - Device Registration - Subflow:

    1. Click Flows.

    2. Select the OOTB - Financial Services - Device Registration - Subflow and go to …​ > Edit.

    3. In the Mobile App Registration Flow section, click the Create Pairing Key node.

    4. In the Applications field, enter one or more application IDs to specify which applications can be used with the pairing key. If you do not specify one or more application IDs, all applications can be used.

  6. Verify that the PingOne flow setting is correct for your environment.

    Choose from:

    • If you want to launch the Financial Services solution using a redirect, the flow must be configured as a PingOne flow.

    • If you want to launch the Financial Services solution using the widget, the flow must not be configured as a PingOne flow.

      1. Click Flows.

      2. Click the OOTB - Financial Services - Main Flow flow.

      3. Go to > Flow Settings.

      4. If you plan to launch the flow through a redirect, click the PingOne Flow toggle.

      5. If you made changes to the flow settings, click Save, close the flow settings pane, and clickDeploy.

  7. Configure a DaVinci application that invokes the OOTB - Financial Services - Main Flow.

    Learn more in Creating an application and Configuring a flow policy in the DaVinci documentation.

    1. On the Applications tab, click Add Application.

    2. In the Name field, enter a name for the application.

    3. Click Create.

    4. On the Applications tab, find the application that you created and click Edit.

    5. On the Flow Policy tab, click Add Flow Policy.

    6. In the Name field, enter a name for the flow policy.

    7. Select PingOne Flow Policy if you plan to invoke the flow using a PingOne redirect.

    8. In the Flows section, select the OOTB - Financial Services - Main Flow.

    9. In the Version section, select one or more versions of the flow to use.

    10. Click Create Flow Policy.

    11. In the Distribution field, set the weight for the selected flow to 100.

    12. Click Save Flow Policy.

    13. Click Apply.

  8. If you are using a test environment, move the flows to your production environment:

    1. In your testing environment, click Flows.

    2. Click the OOTB - Financial Services - Main Flow flow.

    3. Go to > Download Flow JSON.

      Result:

      The Export Flow panel opens.

    4. Click Yes.

      Result:

      The flow and its subflows are downloaded locally.

    5. Sign on to your production environment and click Flows.

    6. Click Add Flow > Import from JSON.

    7. Select the JSON file containing the flows.

    8. Click Import.

    9. Repeat the previous steps in your production environment.

  9. Invoke the flow or flows using the widget or a redirect.

    Choose from:

    • If you want to launch the flow in a separate window using a PingOne redirect, use the procedure in Launching a PingOne flow with a redirect in the DaVinci documentation. The OOTB - Financial Services - Main Flow flow can be launched with a redirect.

    • If you want to launch the flow in a widget within the user’s current window, use the procedure in Launching a flow with the widget in the DaVinci documentation. The OOTB - Financial Services - Main Flow can be launched with the widget.

      When you invoke the flow using the widget, you must include your company logo as a background image in the dialog-content-header__logo CSS class. For example:

      .dialog-content-header__logo {
  background-image: url("./company-logo.svg");
}

      When you invoke the flow using the widget, you can include any of the following parameters. When present, the parameter value is used instead of the corresponding variable value.

      Use the following format to pass parameters to the flow:

      flowParameters:{
     parameter1: "value",
     parameter2: "value"
}
      Parameters
      Parameter Corresponding variable Description

      isEmailMagicLinkEnabled

      ciam_magicLinkEnabled

      A Boolean indicating whether magic links are enabled for your end users.

      isTermsOfServiceEnabled

      ciam_agreementEnabled

      A Boolean indicating whether agreement is enabled in your environment.