PingOne Advanced Identity Cloud

Deploying Autonomous Access

End of life for Autonomous Access

After much consideration and extensive evaluation of our product portfolio, Ping Identity is discontinuing support for the Advanced Identity Cloud Autonomous Access product, effective October 31, 2024.

To support our Autonomous Access customers, we’re offering migration assistance to PingOne Protect, an advanced threat detection solution that leverages machine learning to analyze authentication signals and detect abnormal online behavior. PingOne Protect is a well-established product, trusted by hundreds of customers worldwide.

The end of life for Autonomous Access indicates the following:

  • Sales support for Autonomous Access will end.

  • The product will no longer receive regular patches or fixes.

  • Development support for features and security updates will be discontinued.

  • Product documentation will be archived and available in PDF format on our legacy documentation site on November 4, 2024.

For any questions, please contact Ping Identity Support for assistance.

Autonomous Access is an add-on capability available to new and existing PingOne Advanced Identity Cloud customers who sign up for this feature.

Learn about the deployment steps

Once a customer has signed up for Autonomous Access, ForgeRock staff deploys the service in the following manner:

  1. Integration. ForgeRock adds Autonomous Access to the private tenants of new or existing PingOne Advanced Identity Cloud customers. For more information, refer to Learn about integration.

  2. Set up journeys. After ForgeRock integrates the Autonomous Access service into your tenants, the ForgeRock Professional Services (FPS) team configures an Autonomous Access journey for initial data collection. For more information, refer to Create journeys.

  3. Set or confirm data sources. The next step is to define a training dataset, or data source. For Advanced Identity Cloud, Autonomous Access uses a default data source, autoaccess-ds that pulls in data from the data lake. You only need to verify that the autoaccess-ds data source is present and active.

    Typically, you also need to define a mapping to match customer data attributes to the Autonomous Access schema for training. However, you can skip this step due to the autoaccess-ds data source, which already maps its attributes. For more information, refer to Set the data sources.

  4. Set the risk configuration. Set the AI/ML configuration and threshold properties required by Autonomous Access on the Risk Config page. For more information, refer to Configure the risk settings.

  5. Run training. The training pipeline job is initiated to train the AI/ML models. When the Autonomous Access nodes are configured in an authentication journey, heuristics are enabled. ForgeRock encourages our customers to create and run the training pipelines and evaluate the models for accuracy. Administrators can run training on a periodic basis (e.g., bi-weekly or bi-monthly) and as soon as the Autonomous Access journeys begin to collect data. For more information, refer to Run training.

  6. Tune the models. Once you get an initial risk model, you must tune it for improved training performance. After you tune the models, you must rerun the training job to update your models. For more information, refer to Tune the model.

  1. Publish the model. After the predictions job completes, you will be asked to publish the model for later use.

  2. Grant roles. Grant roles to users to access either Autonomous Access dashboards, configuration, or both. For more information, refer to Grant Autonomous Access roles.