--- title: Configuring flows in DaVinci description: Learn about how to configure flows in DaVinci as part of the Healthcare flow pack. component: pingone-solutions page_id: pingone-solutions:healthcare:getting-started/healthcare-configuring-flows-in-davinci canonical_url: https://docs.pingidentity.com/pingone-solutions/healthcare/getting-started/healthcare-configuring-flows-in-davinci.html revdate: September 6, 2024 section_ids: steps: Steps choose-from: Choose from: result: Result: result-2: Result: choose-from-2: Choose from: --- # Configuring flows in DaVinci After you configure PingOne and test the solution using the wizard, perform additional configuration in PingOne DaVinci to enable all features and make the flows available to end users. ## Steps 1. Import the solution into your initial environment: 1. In your production DaVinci environment, click **Flows**. 2. Click **Add Flow > Import from JSON**. 3. Select the JSON file containing the flows. 4. Click **Import**. 2. Enter or verify the values for each company variable that's used in the Healthcare flow pack solution. These variables determine whether some processes and subflows are included or excluded. | | | | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | | If you plan to invoke the flow using the widget, you can pass in parameter values that override some of these variables. These parameters are described [later in this procedure](#parameters-anchor). | 1. Click the **Variables** tab. 2. Locate a variable and click the **Pencil** icon. 3. In the **Value** field, verify that the value is correct or enter a new value for the variable. 4. Click **Update**. 5. Repeat steps b - d for each remaining variable. > **Collapse: Company variables** > > | Variable | Description | > | ------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | > | `ciam_sessionLengthInMinute` | The maximum allowed session length for a user in the flow\.The default value is 5 minutes. | > | `ciam_otpFallbackAllowed` | A Boolean indicating whether a user can fall back to a one-time passcode (OTP) *(tooltip: \
\

A passcode valid for only one sign-on or transaction on a computer system or other digital device. Also known as a one-time password, one-time PIN, or dynamic password.\

\
)* if a mobile push request times out.The default value is `true`. | > | `ciam_requireMFA` | A Boolean that controls whether multi-factor authentication (MFA) *(tooltip: \
\

An electronic authentication method where a user is granted access only after presenting two or more verification factors for authentication.\

\
)* is required for all users.The default value is `true`. | > | `ciam_resendOtpLimit` | The maximum number of times a user can resend an OTP.The default value is `5`. | > | `ciam_magicLinkEnabled` | A Boolean that controls whether magic links are enabled for your end users.The default value is `true`. | > | `ciam_logoUrl` | The URL for the version of your company logo to display in flows.The default value is `https://assets.pingone.com/ux/ui-library/5.0.2/images/logo-pingidentity.png`. | > | `ciam_logoStyle` | The CSS style to use for your company logo.The default value is `width: 65px; height:65px;`. | > | `ciam_companyName` | The name of your company as it should be displayed in user-facing text.The default value is `Ping Identity`. | > | `ciam_agreementEnabled` | A Boolean that controls whether agreement is enabled in your environment.The default value is `true`. | > | `ciam_verificationLimit` | The maximum number of times a user can attempt to verify their email address.The default value is `5`. | > | `ciam_protectAnalysisRequired` | A Boolean that controls whether PingOne Protect analysis is required.The default value is `true`. | > | `ciam_encodedCredentials` | Your PingOne worker app encoded credentials. | 3. Verify the configuration of the following connectors in your environment: | Connector | Description | Connector documentation | | --------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------- | | PingOne | Enables DaVinci to view and update PingOne user information. | [PingOne connector](https://docs.pingidentity.com/connectors/p1_connector.html) | | PingOne MFA | Enables DaVinci to use the PingOne MFA service for MFA. | [PingOne MFA connector](https://docs.pingidentity.com/connectors/p1_mfa_connector.html) | | PingOne Notifications | Enables DaVinci flows to send users general communications using SMS, email, and voice message with PingOne's notifications feature. | [PingOne Notifications connector](https://docs.pingidentity.com/connectors/p1_notifications_connector.html) | | PingOne Protect | Enables DaVinci flows to perform a threat assessment of the current user through PingOne Protect. | [PingOne Protect connector](https://docs.pingidentity.com/connectors/p1_protect_connector.html) | | PingOne Authorize | Enables DaVinci flows to use PingOne Authorize for policy-based authorization decisions. | [PingOne Authorize connector](https://docs.pingidentity.com/connectors/p1az_connector.html) | | PingOne Verify | Enables DaVinci flows to securely verify the user's identity. | [PingOne Verify connector](https://docs.pingidentity.com/connectors/p1_verify_connector.html) | | PingOne Credentials | Enables DaVinci flows to issue and manage digital credentials for the user. | [PingOne Credentials connector](https://docs.pingidentity.com/connectors/p1_credentials_connector.html) | 1. On the **Connectors** tab, find the connector that you want to verify and go to **…​ > Edit**. 2. Verify that the **Environment ID**, **Client ID**, and **Region** field values match your PingOne values. 3. (Optional) Copy the **Client Secret** from your PingOne environment to the **Client Secret** field. 4. For the PingOne Authorize connector, verify that the **Endpoint** matches the one found in PingOne in the **Authorization > Decision Endpoints** section. 5. If you made changes to the values, click **Apply**. 6. Repeat the previous steps for each remaining connector. 4. Configure the **Healthcare - Registration with Threat Detection and ID Verification - Main Flow**: 1. Click **Flows**. 2. Select the **Healthcare - Registration with Threat Detection and ID Verification - Main Flow** and go to **…​ > Edit**. 3. Click the **Initialize Or Set Flow Variables** node and set values for the following variables: > **Collapse: Variables** > > | Variable | Description | > | ---------------------------------- | --------------------------------------------------------------------------- | > | `p1AgreementId` | The ID of the agreement to use if your environment requires user agreement. | > | `p1MFAPolicyId` | The PingOne MFA policy to use. | > | `p1RiskPolicyIdAuthZ` | The PingOne risk policy to use for authorization. | > | `p1RiskPolicyIdReg` | The PingOne risk policy to use for registration. | > | `p1RiskPolicyIdAuthn` | The PingOne risk policy to use for authentication. | > | `p1RiskPolicyIdAR` | The PingOne risk policy to use for account recovery. | > | `flowCompanyLogo` | The company logo to use during the flow. | > | `p1VerifyPolicyIdReg` | The PingOne Verify Policy ID. | > | `digitalWalletApplicationId` | The application ID for the digital wallet solution. | > | `verifiedIdentityCredentialTypeId` | The ID for the verified identity credential solution. | 4. In the **Sign Up Page & Call Account Registration Sub-Flow** section, select the **Send Account Created Email** node and verify that the **Notification Name** is set to **New Account Created**. 5. Configure the **Healthcare - Progressive Verification during Authentication - Main Flow**: 1. Click **Flows**. 2. Select the **Healthcare - Progressive Verification during Authentication - Main Flow** and go to **…​ > Edit**. 3. Click the **Initialize Or Set Flow Variables** node and set values for the following variables: > **Collapse: Variables** > > | Variable | Description | > | --------------------- | --------------------------------------------------------------------------- | > | `p1AgreementId` | The ID of the agreement to use if your environment requires user agreement. | > | `p1MFAPolicyId` | The PingOne MFA policy to use. | > | `p1RiskPolicyIdAuthZ` | The PingOne risk policy to use for authorization. | > | `p1RiskPolicyIdReg` | The PingOne risk policy to use for registration. | > | `p1RiskPolicyIdAuthn` | The PingOne risk policy to use for authentication. | > | `p1RiskPolicyIdAR` | The PingOne risk policy to use for account recovery. | > | `flowCompanyLogo` | The company logo to use during the flow. | 4. In the **Threat Detection And Mitigation** section, select the **Notify User About High Risk Status** node and verify that the **Notification Name** is set to **Suspicious Activity**. 6. Configure the **Healthcare - Progressive Verification during Authentication - SignOn - Subflow**: 1. Click **Flows**. 2. Select the **Healthcare - Progressive Verification during Authentication - SignOn - Subflow** and go to **…​ > Edit**. 3. Click the **Initialize Or Set Flow Variables** node and set values for the following variables: **Table 1. Variables** | Variable | Description | | --------------------- | --------------------------------------------------------------------------- | | `p1AgreementId` | The ID of the agreement to use if your environment requires user agreement. | | `p1MFAPolicyId` | The PingOne MFA policy to use. | | `p1RiskPolicyIdAuthZ` | The PingOne risk policy to use for authorization. | | `p1RiskPolicyIdReg` | The PingOne risk policy to use for registration. | | `p1RiskPolicyIdAuthn` | The PingOne risk policy to use for authentication. | | `p1RiskPolicyIdAR` | The PingOne risk policy to use for account recovery. | | `flowCompanyLogo` | The company logo to use during the flow. | 4. In the **Call Change Password Sub-Flow** section, select the **Send Password Has Been Reset Email** node and verify that the **Notification Name** is set to **Password Change**. 5. In the **Threat Detection And Mitigation** section, select the **Notify User About High Risk Status** node and verify that the **Notification Name** is set to **Suspicious Activity**. 7. (Optional) If you plan to use a mobile application, configure the **Healthcare - Progressive Verification during Authentication - Device Registration - Subflow**: 1. Click **Flows**. 2. Select the **Healthcare - Progressive Verification during Authentication - Device Registration - Subflow** and go to **…​ > Edit**. 3. In the **Mobile App Registration Flow** section, click the **Create Pairing Key** node. 4. In the **Applications** field, enter one or more application IDs to specify which applications can be used with the pairing key. If you do not specify one or more application IDs, all applications can be used. 8. Verify that the PingOne flow setting is correct for your environment. ### Choose from: * If you want to launch the Healthcare flow pack solution using a redirect, the flow must be configured as a PingOne flow. * If you want to launch the Healthcare flow pack solution using the widget, the flow must not be configured as a PingOne flow. 1. Click **Flows**. 2. Click the **Healthcare - Registration with Threat Detection and ID Verification - Main Flow**. 3. Go to **[icon: ellipsis-v, set=fa]> Flow Settings**. 4. If you plan to launch the flow through a redirect, click the **PingOne Flow** toggle. 5. If you made changes to the flow settings, click **Save**, close the flow settings pane, and click **Deploy**. 9. Configure DaVinci applications that invoke the main flows: * **Healthcare - Registration with Threat Detection and ID Verification - Main Flow** * **Healthcare - Progressive Verification during Authentication - Main Flow** * **Healthcare - CSR Help Desk - Main Flow** Learn more in [Creating an application](https://docs.pingidentity.com/davinci/applications/davinci_creating_an_application.html) and [Configuring a flow policy](https://docs.pingidentity.com/davinci/applications/davinci_configuring_a_flow_policy.html) in the DaVinci documentation. 1. On the **Applications** tab, click **Add Application**. 2. In the **Name** field, enter a name for the application. 3. Click **Create**. 4. On the **Applications** tab, find the application that you created and click **Edit**. 5. On the **Flow Policy** tab, click **Add Flow Policy**. 6. In the **Name** field, enter a name for the flow policy. 7. Select **PingOne Flow Policy** if you plan to invoke the flow using a PingOne redirect. 8. In the **Flows** section, select the **Healthcare - Registration with Threat Detection and ID Verification - Main Flow**. 9. In the **Version** section, select one or more versions of the flow to use. 10. Click **Create Flow Policy**. 11. In the **Distribution** field, set the weight for the selected flow to `100`. 12. Click **Save Flow Policy**. 13. Click **Apply**. 14. Repeat steps a - m for the **Healthcare - Progressive Verification during Authentication - Main Flow**. 15. Repeat steps a - m for the **Healthcare - CSR Help Desk - Main Flow**. 10. If you're using a test environment, move the flows to your production environment: 1. In your testing environment, click **Flows**. 2. Click the **Healthcare - Registration with Threat Detection and ID Verification - Main Flow** flow. 3. Go to **[icon: ellipsis-v, set=fa]> Download Flow JSON**. ### Result: The **Export Flow** panel opens. 4. Click **Yes**. ### Result: The flow and its subflows are downloaded locally. 5. Sign on to your production environment and click **Flows**. 6. Click **Add Flow > Import from JSON**. 7. Select the JSON file containing the flows. 8. Click **Import**. 9. Repeat the previous steps in your production environment. 11. Invoke the flow or flows using the widget or a redirect. ### Choose from: * If you want to launch the flow in a separate window using a PingOne redirect, use the procedure in [Launching a PingOne flow with a redirect](https://docs.pingidentity.com/davinci/integrating_flows_into_applications/davinci_launch_flow_redirect.html) in the DaVinci documentation. The Healthcare - Registration with Threat Detection and ID Verification - Main Flow flow can be launched with a redirect. * If you want to launch the flow in a widget within the user's current window, use the procedure in [Launching a flow with the widget](https://docs.pingidentity.com/davinci/integrating_flows_into_applications/davinci_launching_a_flow_with_the_widget.html) in the DaVinci documentation. The **Healthcare - Registration with Threat Detection and ID Verification - Main Flow** can be launched with the widget. | | | | - | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | When you invoke the flow using the widget, you must include your company logo as a background image in the `dialog-content-header__logo` CSS class. For example:``` .dialog-content-header__logo { background-image: url("./company-logo.svg"); } ```You can include any of the following parameters. When present, the parameter value is used instead of the corresponding variable value.Use the following format to pass parameters to the flow:``` flowParameters:{ parameter1: "value", parameter2: "value" } ``` | > **Collapse: Parameters** > > | Parameter | Corresponding variable | Description | > | ------------------------- | ----------------------- | ------------------------------------------------------------------------ | > | `isEmailMagicLinkEnabled` | `ciam_magicLinkEnabled` | A Boolean indicating whether magic links are enabled for your end users. | > | `isTermsOfServiceEnabled` | `ciam_agreementEnabled` | A Boolean indicating whether agreement is enabled in your environment. |