PingID is a cloud-based authentication service that allows your users to carry out MFA (multi-factor authentication) using a variety of methods, including the PingID mobile app, security keys, and biometrics.

Setup

Resources
Setting up the connector

In DaVinci, add a PingID connection. For help, see Adding a connector.

After creating the connector, configure it by going to its General tab and pasting in the content of the PingID properties file that you downloaded.


PingID connector configuration

Using the connector in a flow

MFA flows

For examples of using the PingID connector in basic MFA flows, see the following templates in the Flow Library:

  • PingID - Basic MFA flow (username/password + MFA)
  • PingID - MFA flow + Risk (username/password + risk evaluation, MFA according to risk score generated for user)

In flows of this type, a connector using the Initialize MFA capability should be placed in the flow at the point where you want an MFA challenge to be issued, for example, after the user has entered their password.

MFA in passwordless flows

For examples of using the PingID connector to combine MFA with passwordless login, see the following templates in the Flow Library:

  • PingID - FIDO2 Passwordless (FIDO2 username, no password required)
  • PingID - FIDO2 Passwordless + Risk (FIDO2 username, no password + risk evaluation, action based on risk score generated for user)

In passwordless login flows, two PingID connectors should be added to the flow:

  • A connector using the Initialize Passwordless Authentication capability
  • Later in the flow, a second connector using the Finalize Passwordless Authentication capability and using as input the passwordlessContext that was returned by the initialize step. The username must also be provided as input.

Capabilities

Initialize MFA (initializeMfa)

Multi-Factor Authentication and on-the-fly registration.

Properties
Properties
Username textField

The username for the user in PingOne.

First Name textField

User’s first name.

Last Name textField

User’s last name.

User Groups textField

The groups to which the user belongs. Used for applying PingID policies that have been defined.

Mobile Number textField

User’s mobile phone number.

Landline Number textField

User's landline number.

Application Name textField

The name of the application the user is trying to access.

Application ID textField

The ID of the application the user is trying to access. Used for applying PingID policies that have been defined.

Application Icon (URL) textField

The URL of the icon that is used for the application the user is trying to access.

IP of accessing device textField

The IP of the device trying to access the application. Used for applying PingID policies that have been defined.

Attributes selectNameValueListColumn

Use this section to add attribute to the request

Initialize Passwordless Authentication (initializePasswordlessAuthentication)

Passwordless authentication using FIDO2 supported devices.

Properties
Properties
Attributes selectNameValueListColumn

Use this section to add attribute to the request

Finalize Passwordless Authentication (finalizePasswordlessAuthentication)

Policy evaluation to complete the Passwordless Authentication.

Properties
Properties
Username textField

The username for the user in PingOne.

Passwordless Context textField

Information returned by the initializePasswordlessAuthentication capability of the connector. Required to continue the passwordless session.

First Name textField

User’s first name.

Last Name textField

User’s last name.

User Groups textField

The groups to which the user belongs. Used for applying PingID policies that have been defined.

Mobile Number textField

User’s mobile phone number.

Landline Number textField

User's landline number.

Application Name textField

The name of the application the user is trying to access.

Application ID textField

The ID of the application the user is trying to access. Used for applying PingID policies that have been defined.

Application Icon (URL) textField

The URL of the icon that is used for the application the user is trying to access.

IP of accessing device textField

The IP of the device trying to access the application. Used for applying PingID policies that have been defined.

Attributes selectNameValueListColumn

Use this section to add attribute to the request

Troubleshooting

If you are having trouble with the PingID connector, you can try the following:

  • Verify that when you created and configured the connector on the Connections page, you pasted correctly the contents of your PingID properties file.
  • For each connector in the flow, make sure that all of the mandatory inputs have been provided.
  • Use the Analytics feature to see where the flow stopped.
  • Select the Options icon, and turn on Show Node ID. This will make it easier to identify the source of inputs and outputs.