Updating completion status for risk evaluations
When PingOne Protect is integrated into a user journey, you can define different paths in the flow based on the risk evaluation response. For example, in an authentication flow, each risk evaluation created determines whether the user is granted access, challenged with multi-factor authentication (MFA), or denied access.
About this task
For every Create Risk Evaluation
event in a user flow, PingOne Protect also requires an Update Risk Evaluation
event that includes the flow completion status for the risk evaluation. Updating the flow completion status allows PingOne Protect to improve the accuracy of future risk evaluations.
Steps
-
Update the risk evaluation completion status for an event:
Choose from:
-
PingOne API: Use the https://apidocs.pingidentity.com/pingone/platform/v1/api/#risk-evaluations
completionStatus
property] in the risk evaluation. -
PingOne DaVinci: Add a PingOne Protect connector with the
Update Risk Evaluation
capability at the end of a user flow. -
PingOne Advanced Identity Cloud: Add a PingOne Protect Result node to an Advanced Identity Cloud journey.
-
PingAM: Add a PingOne Protect Result node to a PingAM journey.
-
PingFederate: The PingOne Protect Integration Kit handles updating the risk evaluation automatically and does not require additional configuration.
-
For any other integration, make sure to include an Update Risk Evaluation event at the end of your user journey.
-
Result
After adding an Update Risk Evaluation
event, completionStatus
is updated as one of the following:
-
SUCCESS
when the user was granted access or passed the MFA challengeOnly events with
completionStatus=SUCCESS
allow the predictors to learn. -
FAILED
when the user was denied access or failed the MFA challenge.If a user is unable to successfully complete an event (for example, if their authentication failed), the risk evaluation for the event is updated as
completionStatus=FAILED
.
If completionStatus
is not updated, the status remains completionStatus=IN_PROGRESS
, and the predictor cannot learn from the event and stays in training mode.