The PingOne MFA Integration Kit includes the PingOne SDK client initiated backchannel authentication (CIBA) Authenticator, which works with PingFederate's CIBA feature.
For instructions on configuring the CIBA Authenticator for PingOne SDK, see Configuring a CIBA authenticator instance.
- Go to CIBA Authenticators window. to open the
- On the CIBA Authenticators window, click Create New Instance to start the Create CIBA Authenticator Instance configuration workflow.
On the Type tab, configure the basics of this authenticator
- Enter a name and an ID in the Instance Name and Instance ID fields.
Select a CIBA authenticator from the Type list.
Selections vary depending on the deployed CIBA authenticators.
You can use the PingFederate SDK to implement a custom solution. For more information, see the Javadoc for the
OOBAuthPlugininterface, the SampleEmailAuthPlugin.java file for a sample implementation and the SDK developer's guide for build and deployment information.Tip:
The Javadoc for PingFederate and the sample implementation are in the <pf_install>/pingfederate/sdk directory.
On the Instance Configuration tab, follow the on-screen
instructions to configure the authenticator instance.
Configuration requirements vary depending on the authenticator implementation.
On the Actions tab, follow the on-screen instructions to
test the validity of the authenticator instance configuration or to perform secondary
Availability of this tab and actions vary depending on the authenticator implementation.
On the Extended Contracts tab, follow the on-screen
instructions to define additional attributes.
The authenticator contract is the list of input parameters used to challenge the user for authentication. Some authenticators support extending the contract for additional functionality, such as formatting the data presented to the user during the authentication challenge.
Availability of this window and supported attribute names vary depending on the authenticator implementation.
- On the Summary tab, review your configuration, modify as needed, and click Done to exit the Create CIBA Authenticator Instance workflow.
On the CIBA Authenticators window, click
Save to retain the configuration of the authenticator
If you want to exit without saving the configuration, click Cancel.