PingOne for Enterprise

Bypassing a user’s service

You can bypass the need for a user to authenticate using their secondary authentication method.

About this task

Bypassing a user’s service can be necessary, for example, if a user of the PingID service doesn’t have access to the mobile device that is paired with PingID. Generally, you will bypass a user’s secondary authentication for a selected duration. At the end of a limited duration, secondary authentication for the user resumes automatically.

Global Administrators can set the bypass for an unlimited duration if you want to bypass the user’s service permanently. All other administrators are limited to a maximum bypass period of 3 days.

Steps

  1. In the PingOne admin portal, click Users → Users by Service.

    Result:

    TheUsers by Service page lists all of your users for all services.

  2. Below the search bar, click the service you’re interested in.

    The list is filtered to display only the selected service users.

  3. For a selected user, click the Expand icon to expand the user information for the service.

  4. Click the edit icon, then click the Bypass toggle.

    Result:

    You are prompted to select the duration for bypassing the specific service from a list.

  5. Select the duration to bypass the service.

    If you’re a Global Administrator, you can select Unlimited Time to bypass the service indefinitely. All other administrators are restricted to a maximum period of 3 days.

  6. Click the Bypass toggle again to enable your bypass setting.

    When the selected length of time has passed, authentication automatically resumes for the user.

    If you select Unlimited Time, the user is never authenticated using this authentication provider.

    Result:

    The bypass is implemented and effective immediately.