PingOne for Customers Passwordless

OOTB - Device Management - Main Flow

The OOTB - Device Management - Main Flow lets users view and manage the devices associated with their account. It can only be launched using the widget.

Purpose

The OOTB - Device Management - Main Flow presents users with their current multi-factor authentication (MFA) devices. It then presents the options for users to add new devices, change the name or status of existing devices, or remove an existing device.

Structure

Diagram of the structure, as described below.

This flow is divided into sections using teleport nodes:

Check Pre-requisite for Device Management

Uses PingOne nodes to check for an existing session and retrieve user information. If MFA is enabled for the account, the flow progresses to the Display User Devices section. If MFA is not enabled, the flow progresses to the Enable MFA section.

Enable MFA

Displays a custom HTML template gives the user an option to enable MFA. If the user does so, a PingOne node enables MFA for the account and the flow progresses to the Display User Devices section.

Display User Devices

Uses a PingOne node to retrieve the user’s known devices. If the user can add devices, a custom HTML template presents the user with device options. If the user selects Add, the flow progresses to the Add Device section. If the user selects Done or Cancel, the flow progresses to the Return Success section. If the user selects an existing device, the flow progresses to the Update Device section.

Add Device

Invokes the CIAM-Passwordless-Protect-Device-Registration-Subflow flow. It then progresses to the Display User Devices section if the addition was successful or canceled.

Update Device

Presents users with a custom HTML page showing options for a currently selected device. The Save, Default, and Remove options trigger PingOne nodes to save a new device name, set the current device as default, or remove the current device. The flow then progresses to the Display User Devices section.

Return Error

Displays an error message, then sends a JSON error response.

Return Success

Sends a JSON success message.

Input schema

This flow has the following inputs.

Input Name Description

username

The username of the user whose profile is being updated.

Output schema

This flow has the following outputs.

Output Name Description

ciam_errorMessage

The error message to display in the parent flow.

ciam_errorCode

The error code to display in the parent flow.

Variables and parameters

This flow uses the following variable or parameter values.

Variable name Parameter name Description

ciam_sessionLengthInMinute

None

The number of minutes after which a session is no longer valid.

ciam_logoStyle

None

The HTML style to use for your company logo.

ciam_logoUrl

None

The URL for your company logo.

ciam_companyName

None

Displays the name of your company.

isSmsOTPEnabled

ciam_smsOtpEnabled

A boolean indicating whether one-time passcode using sms is enabled in your environment.

isEmailOTPEnabled

ciam_emailOtpEnabled

A boolean indicating whether one-time passcode using email is enabled in your environment.

isFidoPasskeyEnabled

ciam_fidoPasskeyEnabled

A boolean indicating whether FIDO passkey is enabled in your environment.