By sending a ThreatMetrix device profile and optional user attributes to ID DataWeb when a user signs on, PingFederate can get a security risk assessment for the sign-on event. Including the risk assessment in your PingFederate authentication policy allows you to dynamically adjust the user's authentication requirements each time they sign on.


  • Template and script files
    • When a user signs on through PingFederate, these files retrieve the JavaScript that collects a profile of the user's device. This allows you to use ThreatMetrix as a verification service in ID DataWeb.
  • ID DataWeb IdP Adapter
    • When a user signs on through PingFederate, the adapter sends the device profile and user attributes to the ID DataWeb API, and retrieves a policy decision ("approve", "obligation", or "deny") from ID DataWeb.

Intended audience

This document is intended for PingFederate administrators.

Before starting, we recommend that you familiarize yourself with the following:

System requirements

  • PingFederate 10.3 or later
  • An ID DataWeb service administrator account