PingOne

Enable and configure PingID desktop app as an authentication method

This section documents the PingID desktop application.

Before you begin

About this task

Enable and configure the PingID desktop application in the relevant PingOne environment.

Steps

  1. In PingOne, go to Authentication > MFA and edit the relevant multi-factor authentication (MFA) policy.

    1. In the Allowed Authentication Methods section, select PingID Desktop for passwordless authentication with the desktop app, and then configure the following fields:

      • Failure Limit: Define the maximum number of times that authentication requests can fail (1 - 7). This limit applies specifically to server assertion failures rather than client-side authentication errors.

      • Lock Duration: The amount of time this authentication method is locked if the Failure Limit is exceeded (0 seconds - 30 minutes).

      • Allow Pairing: Select the checkbox to allow users to pair PingID desktop app.

      • Rename device during pairing: Select the checkbox to allow users to define a device nickname during the pairing flow.

      • Relying Party Domain: Select the unique identifier that represents the website or application requesting the user’s authentication (the default value is pingone.com).

      • Relying Party ID: Enter the relevant Relying Party ID (RPID).

        You can find more information about the MFA policy and a full list of available fields in Configuring an MFA policy for strong authentication.

    2. (Optional) To change the communication port used by the application, after saving the MFA policy changes, go to Applications > Applications edit the PingID Desktop application Communication Port field. The default port number is 9410.

      The port number must match the port number defined in the PingID desktop app client during installation.