PingOne for Enterprise

Bypassing a user’s service

You can bypass the need for a user to authenticate using their secondary authentication method.

About this task

Bypassing a user’s service can be necessary, for example, if a user of the PingID service doesn’t have access to the mobile device that is paired with PingID. Generally, you will bypass a user’s secondary authentication for a selected duration. At the end of a limited duration, secondary authentication for the user resumes automatically.

Global Administrators can set the bypass for an unlimited duration if you want to bypass the user’s service permanently. All other administrators are limited to a maximum bypass period of 3 days.

Steps

  1. Go to Users → Users by Service.

  2. (Optional) Filter or search the user list.

    • Click a service name to filter by users of that service.

    • In the Search field, enter a string to search for.

      • In the Search by list, select a user attribute to search by.

        To use the search filter, your account must not have the SERVICE_USER_LEGACY feature flag, which preserves legacy search behavior from before a PingOne for Enterprise update in April 2023.

        Your account only has this feature flag enabled if you requested it. If you’re not sure whether you have this feature flag, or if you want it removed so you can access this new behavior, open a support case.

        The email and name filters can only filter user data that was newly created or updated after this feature was deployed (February 2025).

  3. For a selected user, click the Expand icon to expand the user information for the service.

  4. Click the edit icon, then click the Bypass toggle.

    Result:

    You are prompted to select the duration for bypassing the specific service from a list.

  5. Select the duration to bypass the service.

    If you’re a Global Administrator, you can select Unlimited Time to bypass the service indefinitely. All other administrators are restricted to a maximum period of 3 days.

  6. Click the Bypass toggle again to enable your bypass setting.

    When the selected length of time has passed, authentication automatically resumes for the user.

    If you select Unlimited Time, the user is never authenticated using this authentication provider.

    Result:

    The bypass is implemented and effective immediately.