PingOne

Configuring authenticator app authentication

You can use any third-party authenticator app that can generate a standard time-based one-time passcode (TOTP) for multi-factor authentication (MFA). Examples include Google Authenticator or Microsoft Authenticator.

Before you begin

To add an authenticator app as an authentication method, you need:

  • A PingOne environment. The authentication policy should include the relevant MFA policy.

About this task

External authenticator apps are a useful solution in cases such as:

  • A workforce organization that cannot allow the PingID mobile app on their devices, as PingID must be added to the allow list.

  • An organization that wants to use a single authenticator app and has users that must authenticate to multiple organizations.

Users can use an authenticator app to access an account or application through the web, VPN, Mac login, or SSH. When authenticator app authentication is enabled, users can download the authenticator app of their choice and pair it with their PingOne account. Users can pair more than one authenticator app with their account.

Learn more about the user experience in the PingID End User Guide.

Steps

  • Configure the authenticator app authentication method in the MFA policy. Learn more in MFA policy.