The basic authenticator configuration includes a default PingOne application ID, but the client can dynamically specify a different PingOne application with each request. The CIBA authenticator automatically checks the CIBA Request Policy for the following attributes:
  • applicationId
  • applicationSecret

Configure the CIBA client to send these attributes as part of the request to PingFederate. When the CIBA authenticator receives a valid application ID and secret, it overrides the defaults saved in the configuration.