PingFederate leverages
the HTML Form Adapter to deliver a
secure and easy-to-use customer authentication, registration, and profile
management solution. The HTML Form Adapter contract includes two core attributes:
To illustrate the configuration steps, consider the following setup that you have
already made:username and policy.action. At
runtime, regardless of whether the local
identity profile is configured with any authentication sources, if the user
chooses to register directly by clicking on the Register
now link, PingFederate sets the value to
identity.registration
. This fulfillment allows you to create
rules to differentiate authentication requirements from the registration
flow.
- A PingDirectory installation with a set of users.
- An LDAP datastore, an LDAP Username Password Credential Validator instance, and an HTML Form Adapter instance on PingFederate to validate credentials stored in PingDirectory.
- An IdP authentication policy that chains the HTML Form Adapter instance, an
PingID®
Adapter instance, and an
authentication policy contract for the purpose of enforcing PingID multifactor
authentication in multiple browser-based SSO use cases via SP connections, OAuth
authorization code flow, and OAuth implicit flow. The following screen capture
illustrates your existing policy.
To illustrate the configuration steps, consider the following setup that you haveYou are now tasked to add support for a consumer registration use case similar to the one in Setting up self-service registration, and at the same time keep the policy that enforces the multifactor authentication requirement.
Configuration steps:
- Set up PingDirectory for customer identities.
- Make a note of which authentication policy contract is currently being used in your policy.
-
Create a local identity profile using the
configuration wizard.
-
Configure the HTML Form Adapter instance for customer identities.
- On the IdP Adapter screen, select a local identity profile from the Local Identity Profile list.
- Complete the rest of the configuration and save all changes.
-
Modify your existing IdP authentication policy.
You have now successfully added the requested consumer registration (and profile management) use case to your current policy.