PingOne Solution Packs

Configuring PingOne for the Healthcare flow pack solution

Verify that your PingOne environment has the necessary configuration to run the Healthcare flow pack solution and enable all the features that you want to use.

About this task

These steps ensure that the PingOne configuration is correct and enable features such as magic links, agreements, and social sign-on.

Steps

  1. Verify that you have an email server configured in PingOne.

    Learn more about email servers in Configuring Trusted Email Addresses in the PingOne documentation.

    1. Go to Settings > Sender.

    2. Click the Pencil icon.

    3. On the Email tab, in the Email Sender section, click Ping Server.

    4. In the Domain list, select your trusted email domain.

    5. Enter the sender details:

      From Name: Enter the name that appears as the sender’s name in the email message.

      From Address: Select an email address in the list, or click New to open the New Address page and create a new address.

    6. Enter the reply-to details:

      Reply-To Name: Enter the name that appears as the reply-to name in the email message.

      Reply-To Address: Select an email address in the list, or click New to open the New Address page and create a new address.

    7. Click Save.

  2. Create or verify the required pregenerated notification templates in your PingOne environment.

    Learn more about adding and customizing notification templates in Adding a notification and Editing a notification in the PingOne documentation.

    1. Click one of the template links to view the corresponding template in the Ping Library:

    2. Click Copy to copy the template HTML.

    3. In PingOne, go to User Experience > Notification Templates.

    4. Click to create a new template.

    5. In the Type list, select General.

    6. In the Name field, enter the template’s name as it is displayed on the Ping Library page.

    7. Click Create.

    8. In the Email section, in the Subject field, click the Pencil icon and enter a subject corresponding to the template:

      Notification template Subject

      Account Disabled

      Critical security alert

      Magic Link Authentication

      Magic link authentication

      New Account Created

      Welcome ${firstName} to \{\{Brand Name}}!

      New Device Sign-in Activity

      Security alert

      Password Changed

      Password change

      Suspicious Activity

      Security alert

    9. Click the icon to save the subject changes.

    10. Click the Edit icon in the New Email field, then paste the template HTML you copied in step b.

    11. Click the Save icon to save the field changes.

    12. Click the X icon to close the template.

    13. Repeat steps a - l for each remaining template.

  3. Create the Change Password Magic Link template:

    1. In PingOne, go to User Experience > Notification Templates.

    2. Click to create a new template.

    3. In the Type list, select General.

    4. In the Name field, enter Change Password Magic Link.

    5. Click Create.

    6. In the Subject field, configure a subject:

      1. Click the Pencil icon.

      2. Enter the subject Password Change Request.

      3. Click the icon.

    7. In the New Email field, configure the message body:

      1. Click the Pencil icon.

      2. Enter a body for the new transaction message. For example:

        <div
  style="display: block; text-align: center; font-family: sans-serif; border: 1px solid #c5c5c5; width: 400px; padding: 30px 20px;">
  <img src="https://assets.pingone.com/ux/ui-library/5.0.2/images/logo-pingidentity.png" alt="Company Logo" style="height: 65px; margin-bottom: 10px" />
  <h1>Password Change Request</h1>
  <div style="margin-top: 20px; margin-bottom:25px">
    <p>Please click the link below to change your password. </p>
    <a href="${magicLink}" style="font-size: 14pt">Change Password</a>
  </div>
</div>

      3. Click the icon.

    8. Click X to close the template.

  4. Verify that you have a multi-factor authentication (MFA) policy configured in PingOne.

    Learn more in the PingOne MFA policies documentation.

    1. In PingOne, go to Authentication > MFA.

    2. Click the MFA policy marked as the default.

    3. Verify that the Method Selection is set to Prompt User to Select.

    4. Verify that the policy’s Allowed Authentication Methods include the authentication methods that you want to use from the following:

      • Email

      • SMS

      • FIDO2

      • Voice

      • TOTP

      • Mobile

  5. Verify that the default population exists:

    1. Go to Directory > Populations.

    2. In the list of populations, verify that a population is marked as Default.

    3. If no existing population is marked as Default, select a population and go to More options ( ) > Edit Population.

    4. Click Make Default Population.

    5. Click Switch.

    6. Click Save.

  6. Add the attributes required for the solution.

    1. Go to Directory > User Attributes.

    2. Click the icon.

    3. Click Declared.

    4. Click Next.

    5. Enter the information for one of the following attributes:

      Name Display name Description

      emailVerifiedByP1Verify

      emailVerifiedByP1Verify

      A string used to store the email verification status during PingOne Verify verification.

      providerPhone

      providerPhone

      The user’s healthcare provider’s phone number.

      providerName

      providerName

      The user’s healthcare provider’s company name.

      providerAddress

      providerAddress

      The user’s healthcare provider’s address.

      primaryPhone

      primaryPhone

      The user’s primary phone number.

      policyNumber

      policyNumber

      The user’s policy ID number.

      pharmacyPhone

      pharmacyPhone

      The user’s primary pharmacy’s phone number.

      pharmacyName

      pharmacyName

      The user’s primary pharmacy’s company name.

      medicalConditions

      medicalConditions

      The user’s medical conditions.

      loginCount

      loginCount

      The number of times the user has logged in.

      insuranceProvider

      insuranceProvider

      The user’s insurance provider company name.

      emergencyRelationship

      emergencyRelationship

      The user’s relationship with their emergency contact.

      emergencyPhone

      emergencyPhone

      The user’s emergency contact phone number.

      emergencyName

      emergencyName

      The user’s emergency contact name.

      currentMedications

      currentMedications

      The user’s current medications.

    6. Click Save.

    7. Repeat steps b - f for each remaining attribute.

    8. Populate these attributes with values for each user. Learn more in the PingOne User Attribute documentation.

  7. Create a facial comparison policy in PingOne.

    1. Go to Identity Verification > Verify Policies.

    2. Click the icon.

    3. In the Name field, enter a name for the new policy.

    4. In the Facial Comparison section, select Required.

    5. For all other forms of identity verification, select Disabled.

    6. Click Save.

    7. Select the new policy and copy the ID.

  8. (Optional) If you plan to use PingOne Protect and you don’t want to use the default risk policy, create a new risk policy according to the PingOne Protect documentation.

  9. (Optional) If you plan to use FIDO2, verify that the default Passkeys policy is selected.

    Learn more about FIDO policies in the PingOne FIDO policies documentation.

    1. Go to Authentication > FIDO.

    2. Verify that the Passkeys policy is set as the default.

    3. If the Passkeys policy is not the default, go to ⋮ > Make Default, then click Save.

  10. (Optional) If you plan to use an agreement, verify that you have an agreement configured in PingOne and copy the agreement ID.

    Learn more about configuring agreements in Adding an agreement in the PingOne documentation.

    1. Go to User Experience > Agreements.

    2. Verify that the agreement exists and is enabled.

    3. Click the agreement to open the details panel.

    4. On the API tab, copy the ID.

    The agreement ID is used in a later procedure to configure the flows in DaVinci.

  11. (Optional) Verify that you have an external identity provider (IdP) configured in PingOne for each valid third party you want to use as a social sign-on option.

    Learn more about how IdPs are used in PingOne in Identity Providers in the PingOne documentation.

    1. If you want to use Google as a social sign-on option, verify that Google is configured as an IdP according to the procedure in Adding an identity provider - Google in the PingOne documentation. During configuration, use the following property mappings:

      Google property PingOne property

      email address

      username

      email address

      email

      family name

      family name

      given name

      given name

    2. If you want to use Facebook as a social sign-on option, verify that Facebook is configured as an IdP according to the procedure in Adding an identity provider - Facebook in the PingOne documentation. During configuration, use the following property mappings:

      Facebook property PingOne property

      email address

      username

      email address

      email

      family name

      family name

      given name

      given name

    3. If you want to use Apple as a social sign-on option, verify that Apple is configured as an IdP according to the procedure in Adding an identity provider - Apple in the PingOne documentation. During configuration, use the following property mappings:

      Apple property PingOne property

      email address

      username

      email address

      email