--- title: Configuring PingOne for the Healthcare flow pack solution description: Learn about how to configure PingOne as part of the Healthcare flow pack. component: pingone-solutions page_id: pingone-solutions:healthcare:getting-started/healthcare-configuring-p1 canonical_url: https://docs.pingidentity.com/pingone-solutions/healthcare/getting-started/healthcare-configuring-p1.html revdate: September 6, 2024 section_ids: about-this-task: About this task steps: Steps --- # Configuring PingOne for the Healthcare flow pack solution Verify that your PingOne environment has the necessary configuration to run the Healthcare flow pack solution and enable all the features that you want to use. ## About this task These steps ensure that the PingOne configuration is correct and enable features such as magic links, agreements, and social sign-on. ## Steps 1. Verify that you have an email server configured in PingOne. Learn more about email servers in [Configuring Trusted Email Addresses](https://docs.pingidentity.com/pingone/settings/p1_configure_trusted_email.html) in the PingOne documentation. 1. Go to **Settings > Sender**. 2. Click the **Pencil** icon. 3. On the **Email** tab, in the **Email Sender** section, click **Ping Server**. 4. In the **Domain** list, select your trusted email domain. 5. Enter the sender details: **From Name**: Enter the name that appears as the sender's name in the email message. **From Address**: Select an email address in the list, or click **New** to open the **New Address** page and create a new address. 6. Enter the reply-to details: **Reply-To Name**: Enter the name that appears as the reply-to name in the email message. **Reply-To Address**: Select an email address in the list, or click **New** to open the **New Address** page and create a new address. 7. Click **Save**. 2. Create or verify the required pregenerated notification templates in your PingOne environment. Learn more about adding and customizing notification templates in [Adding a notification](https://docs.pingidentity.com/pingone/user_experience/p1_add_notification.html) and [Editing a notification](https://docs.pingidentity.com/pingone/user_experience/p1_edit_notification.html) in the PingOne documentation. 1. Click one of the template links to view the corresponding template in the Ping Library: * [Account Disabled](https://library.pingidentity.com/page/ciam-plus-account-disabled-notification-template) * [Magic Link Authentication](https://library.pingidentity.com/page/ciam-plus-magic-link-authentication-notification-template) * [New Account Created](https://library.pingidentity.com/page/ciam-plus-new-account-created-notification-template) * [New Device Sign-in Activity](https://library.pingidentity.com/page/ciam-plus-new-device-signin-activity-notification-template) * [Password Changed](https://library.pingidentity.com/page/ciam-plus-password-changed-notification-template) * [Suspicious Activity](https://library.pingidentity.com/page/ciam-plus-suspicious-activity-notification-template) 2. Click **Copy** to copy the template HTML. 3. In PingOne, go to **User Experience > Notification Templates**. 4. Click **[icon: plus, set=fa]**to create a new template. 5. In the **Type** list, select **General**. 6. In the **Name** field, enter the template's name as it is displayed on the Ping Library page. 7. Click **Create**. 8. In the **Email** section, in the **Subject** field, click the **Pencil** icon and enter a subject corresponding to the template: | Notification template | Subject | | --------------------------- | ------------------------------------------- | | Account Disabled | Critical security alert | | Magic Link Authentication | Magic link authentication | | New Account Created | Welcome ${firstName} to \\{\\{Brand Name}}! | | New Device Sign-in Activity | Security alert | | Password Changed | Password change | | Suspicious Activity | Security alert | 9. Click the **[icon: check, set=fa]**icon to save the subject changes. 10. Click the **Edit** icon in the **New Email** field, then paste the template HTML you copied in step b. 11. Click the **Save** icon to save the field changes. 12. Click the **X** icon to close the template. 13. Repeat steps a - l for each remaining template. 3. Create the **Change Password Magic Link** template: 1. In PingOne, go to **User Experience > Notification Templates**. 2. Click **[icon: plus, set=fa]**to create a new template. 3. In the **Type** list, select **General**. 4. In the **Name** field, enter `Change Password Magic Link`. 5. Click **Create**. 6. In the **Subject** field, configure a subject: 1. Click the **Pencil** icon. 2. Enter the subject `Password Change Request`. 3. Click the **[icon: check, set=fa]**icon. 7. In the **New Email** field, configure the message body: 1. Click the **Pencil** icon. 2. Enter a body for the new transaction message. For example: ```html
Company Logo

Password Change Request

Please click the link below to change your password.

Change Password
``` 3. Click the **[icon: check, set=fa]**icon. 8. Click **X** to close the template. 4. Verify that you have a multi-factor authentication (MFA) *(tooltip: \
\

An electronic authentication method where a user is granted access only after presenting two or more verification factors for authentication.\

\
)* policy configured in PingOne. Learn more in the PingOne [MFA policies](https://docs.pingidentity.com/pingone/authentication/p1_mfa_policies.html) documentation. 1. In PingOne, go to **Authentication > MFA**. 2. Click the MFA policy marked as the default. 3. Verify that the **Method Selection** is set to **Prompt User to Select**. 4. Verify that the policy's **Allowed Authentication Methods** include the authentication methods that you want to use from the following: * **Email** * **SMS** * **FIDO2** * **Voice** * **TOTP** * **Mobile** 5. Verify that the default population exists: 1. Go to **Directory > Populations**. 2. In the list of populations, verify that a population is marked as **Default**. 3. If no existing population is marked as **Default**, select a population and go to **More options ( [icon: ellipsis-v, set=fa]) > Edit Population**. 4. Click **Make Default Population**. 5. Click **Switch**. 6. Click **Save**. 6. Add the attributes required for the solution. 1. Go to **Directory > User Attributes**. 2. Click the [icon: plus, set=fa]icon. 3. Click **Declared**. 4. Click **Next**. 5. Enter the information for one of the following attributes: | Name | Display name | Description | | ------------------------- | ------------------------- | ---------------------------------------------------------------------------------------- | | `emailVerifiedByP1Verify` | `emailVerifiedByP1Verify` | A string used to store the email verification status during PingOne Verify verification. | | `providerPhone` | `providerPhone` | The user's healthcare provider's phone number. | | `providerName` | `providerName` | The user's healthcare provider's company name. | | `providerAddress` | `providerAddress` | The user's healthcare provider's address. | | `primaryPhone` | `primaryPhone` | The user's primary phone number. | | `policyNumber` | `policyNumber` | The user's policy ID number. | | `pharmacyPhone` | `pharmacyPhone` | The user's primary pharmacy's phone number. | | `pharmacyName` | `pharmacyName` | The user's primary pharmacy's company name. | | `medicalConditions` | `medicalConditions` | The user's medical conditions. | | `loginCount` | `loginCount` | The number of times the user has logged in. | | `insuranceProvider` | `insuranceProvider` | The user's insurance provider company name. | | `emergencyRelationship` | `emergencyRelationship` | The user's relationship with their emergency contact. | | `emergencyPhone` | `emergencyPhone` | The user's emergency contact phone number. | | `emergencyName` | `emergencyName` | The user's emergency contact name. | | `currentMedications` | `currentMedications` | The user's current medications. | 6. Click **Save**. 7. Repeat steps b - f for each remaining attribute. 8. Populate these attributes with values for each user. Learn more in the [PingOne User Attribute documentation](https://docs.pingidentity.com/pingone/directory/p1_user_attributes.html). 7. Create a facial comparison policy in PingOne. 1. Go to **Identity Verification > Verify Policies**. 2. Click the [icon: plus, set=fa]icon. 3. In the **Name** field, enter a name for the new policy. 4. In the **Facial Comparison** section, select **Required**. 5. For all other forms of identity verification, select **Disabled**. 6. Click **Save**. 7. Select the new policy and copy the **ID**. 8. (Optional) If you plan to use PingOne Protect and you don't want to use the default risk policy, create a new risk policy according to the [PingOne Protect documentation](https://docs.pingidentity.com/pingone/threat_protection_using_pingone_protect/p1_protect_adding_risk_policy.html). 9. (Optional) If you plan to use FIDO2, verify that the default **Passkeys** policy is selected. Learn more about FIDO policies in the [PingOne FIDO policies](https://docs.pingidentity.com/pingone/authentication/p1_fido_policies.html) documentation. 1. Go to **Authentication > FIDO**. 2. Verify that the **Passkeys** policy is set as the default. 3. If the **Passkeys** policy is not the default, go to **⋮ > Make Default**, then click **Save**. 10. (Optional) If you plan to use an agreement, verify that you have an agreement configured in PingOne and copy the agreement ID. Learn more about configuring agreements in [Adding an agreement](https://docs.pingidentity.com/pingone/user_experience/p1_add_an_agreement.html) in the PingOne documentation. 1. Go to **User Experience > Agreements**. 2. Verify that the agreement exists and is enabled. 3. Click the agreement to open the details panel. 4. On the **API** tab, copy the **ID**. The agreement ID is used in a later procedure to configure the flows in DaVinci. 11. (Optional) Verify that you have an external identity provider (IdP) *(tooltip: \
\

A service that manages identity information and provides authentication services to relying clients or SPs within a federated or distributed network.\

\
)* configured in PingOne for each valid third party you want to use as a social sign-on option. Learn more about how IdPs are used in PingOne in [Identity Providers](https://docs.pingidentity.com/pingone/integrations/p1_external_idps.html) in the PingOne documentation. 1. If you want to use Google as a social sign-on option, verify that Google is configured as an IdP according to the procedure in [Adding an identity provider - Google](https://docs.pingidentity.com/pingone/integrations/p1_addidentityprovidergoogle.html) in the PingOne documentation. During configuration, use the following property mappings: | Google property | PingOne property | | --------------- | ---------------- | | `email address` | `username` | | `email address` | `email` | | `family name` | `family name` | | `given name` | `given name` | 2. If you want to use Facebook as a social sign-on option, verify that Facebook is configured as an IdP according to the procedure in [Adding an identity provider - Facebook](https://docs.pingidentity.com/pingone/integrations/p1_addidentityproviderfacebook.html) in the PingOne documentation. During configuration, use the following property mappings: | Facebook property | PingOne property | | ----------------- | ---------------- | | `email address` | `username` | | `email address` | `email` | | `family name` | `family name` | | `given name` | `given name` | 3. If you want to use Apple as a social sign-on option, verify that Apple is configured as an IdP according to the procedure in [Adding an identity provider - Apple](https://docs.pingidentity.com/pingone/integrations/p1_add_idp_apple_prereqs.html) in the PingOne documentation. During configuration, use the following property mappings: | Apple property | PingOne property | | --------------- | ---------------- | | `email address` | `username` | | `email address` | `email` |