A local identity profile (LIP) is a stored user identity (PingDirectory) created and maintained by PingFederate. It provides the capability for user creation and administration, and centralizes those policies with the authentication and authorization policies already within PingFederate.
A typical customer identity and access management (CIAM) use case only requires one LIP. As needed, you can create multiple profiles to suit the needs of your organization. Using the administrative console, LIPs are defined in the Identity Policies section.
As of PingFederate 10.1, an authentication session is automatically created for a
user after registration, preventing the user from having to log in again during the
next single sign-on (SSO) transaction. This feature is enabled by default for all new
and existing local identity profiles. However, if needed, you can disable it through
the /localIdentity/identityProfiles administrative API endpoint
by setting the createAuthnSessionAfterRegistration attribute to
false
.
When associated with an HTML Form Adapter instance, a local identity profile provides users the option to authenticate through third-party identity providers, self-register as part of the sign-on experience, and manage their accounts through a self-service profile management page.
- To configure a new profile, go to Create New Profile. . Click
- To modify an existing profile, select it by its name under Local Identity Profile Name.
- To review the usage of an existing profile, click Check Usage under Action.
- To remove an existing instance or to cancel the removal request, click Delete or Undelete under Action.
See the following topics for detailed instructions that enable you to complete these configurations: