PingFederate leverages the HTML Form Adapter to deliver a secure and easy-to-use customer authentication, registration, and profile management solution. The HTML Form Adapter contract includes two core attributes.
To
illustrate the configuration steps, consider the following setup that you have already
made with the parameters username and
policy.action. Whether or not the local identity profile is
configured with any authentication sources, if the user chooses to register directly by
clicking on the Register now link, PingFederate sets the
value to identity.registration
. This fulfillment allows you to create rules
to differentiate authentication requirements from the registration flow.
- A PingDirectory installation with a set of users.
- An LDAP datastore, an LDAP Username Password Credential Validator instance, and an HTML Form Adapter instance on PingFederate to validate credentials stored in PingDirectory.
- An IdP authentication policy that chains the HTML Form Adapter instance, an PingID Adapter instance, and an authentication policy contract for the purpose of enforcing PingID multi-factor authentication in multiple browser-based single sign-on (SSO) use cases through service provider (SP) connections, OAuth authorization code flow, and OAuth implicit flow. The following window capture illustrates your existing policy.
To illustrate the configuration steps, consider the following setup that you have. You need to add support for a consumer registration use case similar to the one in Setting up self-service registration, and, at the same time, keep the policy that enforces the multi-factor authentication requirement.
Configuration steps.
- Set up PingDirectory for customer identities.
- Make a note of which authentication policy contract is currently being used in your policy.
-
Create a local identity profile.
-
Configure the HTML Form Adapter instance for customer identities.
- Go to .
- From the Instance Name section, select the HTMLFormAdapter.
- On the IdP Adapter tab, from the Local Identity Profile list, select a local identity profile.
- Complete the rest of the configuration and save all changes.
-
Modify your existing IdP authentication policy.
You have now successfully added the requested consumer registration and profile management use case to your current policy.