PingID is a cloud-based multi-factor authentication (MFA) service that protects an organization’s network, applications, and data resources while providing secure and seamless experiences for your customers and users.
The PingID connector supports the use of:
- Customer-friendly authentication flows to increase security without adding unnecessary friction to the end user experience.
- User enrollment flows:
- Automatically: Allow customers to automatically enroll an authentication method for users during the authentication process.
- One-time device authentication: Include device details within an authentication request. Enables a user to authenticate for one session only, without pairing the device.
Setting up PingID
Setting up the connector
In DaVinci, add a PingID connector. For help, see Adding a connector.
Using the connector in a flow
Enrolling a device
To seamlessly add MFA for your users and increase MFA adoption, use the PingID connector. You can include device enrollment as part of user registration, or as a just-in-time (JIT) registration within an authentication flow.
The user can select an authentication method for MFA from a list of methods defined by the PingID configuration. This list can include traditional methods, such as email and SMS, and more secure and frictionless methods, such as FIDO2 biometrics and PingID mobile app.For help, see the Creating an authentication flow guide.
Use the PingID connector to increase security by adding an authentication factor that requires the user to prove their identity using a trusted device.
For help, see the Creating an authentication flow guide.
PingID flow templates
Ping Identity provides out-of-the-box DaVinci subflows that you can add to a main flow to register authentication devices and to use those devices to authenticate with PingID.
- PingID registration sub-flowUse this subflow to register a new authentication method for use with PingID.Note: The variable
pingIdUserIdrepresents the ID attribute from PingOne and must be provided when triggering the flow.
- PingID authentication sub-flow
Use this subflow to add PingID as a secondary authentication factor to a main flow, as part of an authentication process.Click the Variables node to customize any of the following options:
AdminMessage: The administrative message you want to display during authentication.
SMSBackup: Use the user's mobile number as a backup authentication method, so they can receive a one-time passcode by SMS, if the user forgets their registered authentication device.
phoneBackup: Use the user's mobile number as a backup authentication method, to receive a one-time passcode by voice message, if the user forgets their registered authentication device.
emailBackup: Use the user's email address as a backup authentication method, to receive a one-time passcode by email, if the user forgets their registered authentication device.
authenticationForApplication: The name of the application the user is attempting to access. This value is presented to the user during authentication.
useCode: When set to
true, the user can click a Use Code button to enter an OTP, rather than waiting for a push notification to arrive.
OTP Fallback: When set to
true, user's can authenticate with a one-time passcode in the event that the PingID server cannot reach their device, or the push response cannot be completed.
- This flow requires the PingID - registration welcome page flow. The variable
pingIDUserIdmust be provided when triggering the flow.
- The following PingID
Connector variables override the equivalent values in the PingID admin console
PingID connector variable PingID admin console location
Alternate Authentication Methods, Backup Authentication (SMS, Voice, or Email checkbox).
Mobile App Authentication, One-time Passcode Fallback
Mobile App Authentication, Direct Passcode Usage
- The PingID Devices page is not available when using the PingID Authentication sub-flow. The 'Settings' button is therefore not displayed on the Authentication screen.
- The PingID connector only supports English language. Localization is not currently supported.