PingOne

Getting started with PingOne Verify

You can integrate identity verification directly into your mobile app using PingOne Verify.

The PingOne Verify mobile SDK prompts end users to provide proof of identity, streamlining the verification process to prevent fraud and abuse by:

  • Capturing a live facial image of the end user

  • Scanning and validating the end user’s government-issued identity documents

  • Confirming data matching

Configuring and orchestrating PingOne Verify

Configure PingOne Verify and orchestrate the verification flow to manage how a verify transaction is triggered and processed for end users.

Metro map of configuring and orchestrating PingOne Verify.

Before you begin

Regardless of the configuration method you choose, you’ll need:

Steps

  • You can choose one of the following methods to orchestrate a verify transaction:

    Choose from:

    • API integration

    • PingOne DaVinci

    • PingFederate Integration Kit

    • Mobile SDK

    • PingOne Advanced Identity Cloud and PingAM

  • PingOne API

  • PingOne DaVinci

  • PingFederate

  • Mobile SDK

  • PingOne Advanced Identity Cloud and PingAM

To configure PingOne Verify with the PingOne REST API:

Steps

  1. Create your theme in PingOne Branding and themes to brand the PingOne Verify web experience for your end users.

  2. (Optional) Use language localization to configure one or more languages and modify the PingOne Verify text fields that are presented to end users.

  3. (Optional) If you enabled one-time passcode (OTP) through phone or email verification in your policy, create notification templates.

  4. Trigger your first verify transaction:

    1. Read Getting started with the PingOne APIs.

    2. Download the PingOne Postman collection.

    3. Note the Variables you must value.

    4. Obtain a PingOne access token.

      Your {{authPath}} environment variable in Postman should begin with auth.pingone. See Variables you must value in the PingOne API documentation to determine the correct {{authPath}} for your region. Note that nothing trails the domain in the {{authPath}} variable.

    5. Create a new verify transaction with the Create Verify Transaction API call.

      Your {{apiPath}} environment variable in Postman should begin with api.pingone. See Variables you must value in the PingOne API documentation to determine the correct {{apiPath}} for your region. Note that the trailing /v1 is required (for example, api.pingone.com/v1).

      Learn more in PingOne API requests.

      Result:

      Postman renders a QR code.

      A screen capture of the QR code that Postman renders when creating a Verify transaction.

    6. Scan the QR code with a smartphone camera to try the mobile web flow.

  5. View the data submitted in the transaction and the scores returned from verification services.

    Choose from:

    • Using the API: Use the Verified Data and Verification Metadata endpoints.

    • Using the PingOne admin console:

      1. In PingOne, go to Environment → Audit.

      2. Edit the Time Range and Within fields as needed.

      3. For Filter Type, select Event Type.

      4. For Filter, enter verify in the Search Filter Type field.

      5. Select any of the Verify event types.

        You can find a complete list of events logged in PingOne in Audit Reporting Events in the PingOne API documentation.
        A screen capture of the PingOne Audit page with 'verify' entered in the Filter field.

      6. Click Run.

      7. To view the specific data and scores from an event, click View in the Details column in the report summary.

To configure PingOne Verify using PingOne DaVinci:

Before you begin

Add PingOne DaVinci to your PingOne environment. Learn more in Creating an environment.

Steps

  1. Create your theme in PingOne Branding and themes to brand the PingOne Verify web experience for your end users.

  2. (Optional) Use language localization to configure one or more languages and modify the PingOne Verify text fields that are presented to end users.

  3. (Optional) If you enabled OTP through phone or email verification in your policy, create notification templates.

  4. Import the PingOne Verify quick start flow template in PingOne DaVinci by downloading it from the Ping Identity Marketplace.

  5. Update the flow with your PingOne Verify policy:

    1. Click the PingOne Verify Create transaction node in the flow.

    2. In the Verify Policy list, select the policy to use.

    A screen capture of the PingOne Verify Create transaction node details in PingOne DaVinci.

  6. To run the flow and trigger a PingOne Verify transaction, click Try Flow.

    Result:

    PingOne DaVinci renders a QR code.

    A screen capture of the QR code that you can scan with your mobile device to start the verification process.

  7. Scan the QR code on your mobile device to try the mobile web flow.

  8. View the data submitted in the transaction and the scores returned from verification services.

    Choose from:

    • Using the API: Use the Verified Data and Verification Metadata endpoints.

    • Using the PingOne admin console:

      1. In PingOne, go to Environment → Audit.

      2. Edit the Time Range and Within fields as needed.

      3. For Filter Type, select Event Type.

      4. For Filter, enter verify in the Search Filter Type field.

      5. Select any of the Verify event types.

        You can find a complete list of events logged in PingOne in Audit Reporting Events in the PingOne API documentation.
        A screen capture of the PingOne Audit page with 'verify' entered in the Filter field.

      6. Click Run.

      7. To view the specific data and scores from an event, click View in the Details column in the report summary.

Using PingFederate

To use PingFederate to configure the PingOne Verify Integration Kit:

Steps

Using the PingOne Verify mobile SDK

Mobile application developers use the PingOne Verify mobile SDK for iOS and PingOne Verify mobile SDK for Android to create the PingOne Verify app for their users. The app is a self-service app for iOS or Android devices that guides the user through the process of taking photos of their ID and a selfie and submitting the photos to PingOne for verification.

To use the PingOne Verify mobile SDK:

Steps

  1. Run the sample app from Github:

  2. Integrate the PingOne Verify mobile SDK into your own app:

Integrating with PingOne Advanced Identity Cloud and PingAM

Advanced Identity Cloud is a digital identity and access management (IAM) software as a service (SaaS) solution for any identity, workforce, or consumer.

PingAM software manages access to resources, such as web pages, applications, or web services available over a network. PingAM centralizes access control by handling both authentication and authorization.

To take advantage of PingOne Verify features, you can integrate PingOne Verify nodes into your Advanced Identity Cloud and PingAM journeys. Learn more in Journeys.

Before you begin

Make sure you have:

Steps

  1. Configure the PingOne service in Advanced Identity Cloud.

  2. Set up your user journey in Advanced Identity Cloud or PingAM with PingOne Verify nodes in the journey:

  3. Validate that the PingOne Verify Evaluation node is working by doing the following:

    1. Configure the node with Store Verification Metadata and Store Verified Data enabled.

    2. Use a Scripted Decision node to return the node state and make sure the values of the pingOneVerifyMetadata, pingOneVerifyVerifiedData, and pingOneVerifyEvaluationFailureReason properties are what you expect. You can also run the journey with Debugging enabled.

    3. Add message nodes attached to individual results outputs to understand the flow.

  4. Validate that the PingOne Verify Completion Decision node is working by doing the following:

    1. Use logger messages in your Completion processing script to determine the processing goals and outcomes, and monitor the log.

    2. Evaluate the nodeState values of the PingOne Verify nodes that were set in the script using a Scripted Decision node that returns the nodeState, or with the Debugger enabled

    3. Add message nodes attached to individual results outputs to understand the flow.

Next steps

After you’ve familiarized yourself with how PingOne Verify works and have it running: