FIDO browser management use cases - PingFederate - PingOne MFA - PingOne - PingOne Services

FIDO browser management use cases - PingFederate - PingOne MFA - PingOne - PingOne Services - PingOne Cloud Platform

PingOne MFA Integration Kit

bundle

pingfederate-pingone-mfa-ik

ft:publication_title

PingOne MFA Integration Kit

Product_Version_ce

PingOne MFA

PingOne

PingOne Services

PingOne Cloud Platform

The user initiates an authentication flow on a FIDO-supported device.
The user enters their username (supported by the identifier first adapter).
If no devices have been paired, the user is prompted to authenticate through the HTML form. If the user has previously paired a device, the user is prompted to select from a list of devices or might fallback to the HTML form adapter for their first factor authentication.
After the user has authenticated, they are given the option to pair biometrics for the device. See Configuration Step 3 for optional configuration of the Device Selection screen.
The user pairs their biometrics through FIDO and completes the login flow. A cookie with the device ID is placed on the browser with an expiration of 20 years.

The user initiates an authentication flow on a paired, FIDO-supported device by entering their username into a form supported by the identifier first adapter.
A cookie is observed and the user is prompted to authenticate with biometrics for their current device.
The user authenticates with biometrics and logs in.

The user initiates an authentication flow on a FIDO-supported device.
The user enters their username supported by the identifier first adapter.
The user is prompted to select a device or fallback to the HTML form.
The user selects their current device from the list and authenticates with biometrics, completing login.
A cookie is reset on the browser with an expiration of 20 years.