Getting started with PingOne Verify
With PingOne Verify, you can integrate identity verification directly into your mobile app.
Using the PingOne Verify mobile SDK, you can prompt your customers to provide proof of identity, streamlining customer identity verification, while preventing fraud and abuse, by capturing live facial image and voice, scanning and validating government-issued identity documents, and confirming they match, all within your app.
Configuring PingOne Verify
Configure and integrate PingOne Verify into your user identity verification flow.
Before you begin
Regardless of the configuration method you choose, you’ll need:
-
A PingOne account with at least one environment that includes the PingOne Verify service. Learn more in Starting a PingOne trial and Creating an environment.
-
A PingOne Verify policy. Learn more about configuring a policy in Creating a verify policy.
About this task
There are five ways to configure PingOne Verify:
-
API integration
-
PingOne DaVinci
-
PingFederate Integration Kit
-
Mobile SDK
-
PingOne Advanced Identity Cloud and PingAM
The configuration method that you choose depends on your role.
| Role | Configuration Method |
|---|---|
Admins and developers |
Typically use the PingOne REST API or PingOne DaVinci to get started quickly and test a verify transaction. |
PingFederate admins |
Use the PingFederate admin console to configure the PingOne Verify Integration Kit. PingFederate supplies the authentication policy and user verification status for PingOne Verify. |
Mobile developers |
Use the PingOne Verify mobile SDK (iOS or Android) to create the app your users employ for ID verification. |
Advanced Identity Cloud and PingAM admins |
Use verification nodes in an authentication journey. |
Integrating PingOne Verify with user authentication journeys
Advanced Identity Cloud is a digital identity and access management (IAM) software as a service (SaaS) solution for any identity, workforce, or consumer.
PingAM software manages access to resources, such as web pages, applications, or web services, that are available over a network. PingAM centralizes access control by handling both authentication and authorization.
To take advantage of PingOne Verify features, you can integrate PingOne Verify nodes into your Advanced Identity Cloud and PingAM journeys. Learn more in Journeys.
Use the following nodes to integrate PingOne Verify with Advanced Identity Cloud and PingAM:
|
For self-managed deployments, these nodes are available only from PingAM 8.0 onwards. If you’re using an earlier version of PingAM, use the corresponding Marketplace nodes. |
-
PingOne API
-
PingOne DaVinci
-
PingFederate
-
Mobile SDK
-
PingOne Advanced Identity Cloud and PingAM
Using the PingOne REST API
About this task
To configure PingOne Verify with the PingOne REST API:
Steps
-
Create your theme in PingOne Branding and themes to brand the PingOne Verify web experience for your end users.
-
(Optional) Use language localization to configure one or more languages and modify the PingOne Verify text fields that are presented to end users.
-
(Optional) If you enabled one-time passcode (OTP) through phone or email verification in your policy, create notification templates.
-
Trigger your first Verify transaction:
-
Download the PingOne Postman collection.
-
Note the variables you must value.
-
Obtain a PingOne access token.
Your {{authPath}} environment variable in Postman should begin with
auth.pingone. See PingOne API domains to determine the correct {{authPath}} for your region. Note that nothing trails the domain in the {{authPath}} variable. -
Create a new Verify transaction with the Create Verify Transaction API call.
Your \{{apiPath}} environment variable in Postman should begin with
api.pingone. See PingOne API domains to determine the correct \{{apiPath}} for your region. Note that the trailing/v1is required (for example,api.pingone.com/v1).For more information, see PingOne API requests.
Result:
Postman renders a QR code.
-
Scan the QR code with a smartphone camera to try the mobile web flow.
-
View the data submitted in the transaction and the scores returned from verification services.
Choose from:
-
Using the API: Use the Verified Data and Meta Data endpoints.
-
Using the PingOne admin console:
-
In PingOne, go to Environment → Audit.
-
Edit the Time Range and Within fields as needed.
-
For Filter Type, select Event Type.
-
For Filter, enter
verifyin the Search Filter Type field. -
Select any of the Verify event types.
Learn more in Event types.
-
Click Run.
-
To view the specific data and scores from an event, click View in the Details column in the report summary.
-
-
Using PingOne DaVinci
Before you begin
Add PingOne DaVinci to your PingOne environment. For more information, see Creating an environment.
About this task
To configure PingOne Verify using PingOne DaVinci:
Steps
-
Create your theme in PingOne Branding and themes to brand the PingOne Verify web experience for your end users.
-
(Optional) Use language localization to configure one or more languages and modify the PingOne Verify text fields that are presented to end users.
-
(Optional) If you enabled OTP through phone or email verification in your policy, create notification templates.
-
Import a flow template in PingOne DaVinci by downloading it from the Integration Directory: PingOne Verify quick start flow template.
-
Update the flow with your PingOne Verify policy:
-
Click the PingOne Verify
Create transactionnode in the flow. -
In the Verify Policy list, select the policy to use.
-
-
To run the flow and trigger a PingOne Verify transaction, click Try Flow.
Result:
PingOne DaVinci renders a QR code.
-
Scan the QR code on your mobile device to try the mobile web flow.
-
View the data submitted in the transaction and the scores returned from verification services.
Choose from:
-
Using the API: Use the Verified Data and Meta Data endpoints.
-
Using the PingOne admin console:
-
In PingOne, go to Environment → Audit.
-
Edit the Time Range and Within fields as needed.
-
For Filter Type, select Event Type.
-
For Filter, enter
verifyin the Search Filter Type field. -
Select any of the Verify event types.
Learn more in Event types.
-
Click Run.
-
To view the specific data and scores from an event, click View in the Details column in the report summary.
-
-
Using PingFederate
About this task
To use PingFederate to configure the PingOne Verify Integration Kit:
Steps
-
Download PingFederate and the PingOne Verify Integration Kit from the PingFederate Downloads website.
You’ll need to work with your Ping Identity account team to start a trial license for PingFederate.
Learn more about getting started in the PingOne Verify Integration Kit documentation.
Using the PingOne Verify mobile SDK
About this task
Mobile application developers use the PingOne Verify mobile SDK for iOS and PingOne Verify mobile SDK for Android to create the PingOne Verify app for their users. The app is a self-service app for iOS or Android devices that guides the user through the process of taking photos of their ID and a selfie and submitting the photos to PingOne for verification.
To use the PingOne Verify mobile SDK:
Steps
-
Run the sample app from Github:
-
Integrate the PingOne Verify mobile SDK into your own app:
Integrating with PingOne Advanced Identity Cloud and PingAM
Before you begin
Make sure you have:
-
A PingOne Advanced Identity Cloud or PingAM account. Getting started with PingOne Advanced Identity Cloud.
-
A PingOne account. Learn more in Starting a PingOne trial.
-
A verify policy configured in PingOne (or use the default verify policy).
-
A worker application with the Identity Data Admin role assigned in PingOne.
About this task
To take advantage of PingOne Verify features, you can integrate PingOne Verify nodes into your Advanced Identity Cloud and PingAM journeys. Learn more in Journeys.
Steps
-
Configure the PingOne service in Advanced Identity Cloud.
-
Set up your user journey in Advanced Identity Cloud or PingAM with PingOne Verify nodes in the journey:
-
The PingOne Verify Evaluation node to start a new identity verification with PingOne Verify.
-
The PingOne Verify Completion Decision node to check the status of the last verify transaction.
-
The PingOne Verify Authentication node to integrate biometric authentication functionality in your journey.
-
The PingOne Verify Proofing node to integrate verification functionality using Government ID, Facial Comparison, and Liveness in a journey.
-
-
Validate that the PingOne Verify Evaluation node is working by doing the following:
-
Configure the node with Store Verification Metadata and Store Verified Data enabled.
-
Use a Scripted Decision node to return the node state and make sure the values of the
pingOneVerifyMetadata,pingOneVerifyVerifiedData, andpingOneVerifyEvaluationFailureReasonproperties are what you expect. You can also run the journey with Debugging enabled. -
Add message nodes attached to individual results outputs to understand the flow.
-
-
Validate that the PingOne Verify Completion Decision node is working by doing the following:
-
Use logger messages in your Completion processing script to determine the processing goals and outcomes, and monitor the log.
-
Evaluate the
nodeStatevalues of the PingOne Verify nodes that were set in the script using a Scripted Decision node that returns the nodeState, or with the Debugger enabled -
Add message nodes attached to individual results outputs to understand the flow.
-
Next steps
After you’ve familiarized yourself with how PingOne Verify works and have it running:
-
Learn more about ID verification in:
-
Learn more about your PingOne Verify license and the quota of transactions allowed in Viewing license information.