With the ID DataWeb Integration Kit, PingFederate includes the ID DataWeb API in the sign-on flow.
- A user initiates the sign-on process by requesting access to a protected resource.
- The ID DataWeb IdP Adapter sends the device profile identifier and any user attributes to the ID DataWeb API and requests the policy decision ("approve", "obligation", or "deny").
- The ID DataWeb API returns a JSON payload with the policy decision and other attributes to the ID DataWeb IdP Adapter.
- The ID DataWeb IdP Adapter makes the policy decision and contract attributes available in the PingFederate authentication policy.
- PingFederate executes the authentication policy, which branches based on the policy decision provided by the ID DataWeb IdP Adapter.
- PingFederate returns the resource that the user requested.
- If Update Device Trust is enabled in the adapter instance
configuration, the ID DataWeb IdP Adapter notifies ID DataWeb that the device is
trustworthy. This gives the device a better trust score for subsequent sign on
If Update Device Trust Using User Consent is enabled in the adapter configuration and the user checks This is my device in the HTML form adapter when authenticating, the ID DataWeb IdP Adapter notifies ID DataWeb that the device is trustworthy.