The PingOne Risk IdP Adapter lets you use attributes from your PingFederate authentication flow as risk predictors in PingOne Risk.
For an overview of risk predictors, see Risk predictors in the PingOne documentation.
The example in the steps below shows how to include the device security state from a mobile device management (MDM) service in the PingOne Risk risk evaluation.
Make the predictor available as an attribute in your PingFederate authentication
Add the source of the predictor data to your authentication
MDM example: Add a mobile device management adapter. On the Extended Contract tab of the configuration for that adapter instance, the attribute that holds the security state of the user's device is called
- Later in the flow, add the PingOne Risk IdP Adapter that you configured in Configuring an adapter instance.
- Add the source of the predictor data to your authentication policy.
In PingOne Risk, add the risk predictor and include it in
your risk policy. For help, see Risk predictors in the PingOne
MDM example: Add a predictor with the JSON pointer
In the Risk Predictors table of your PingOne Risk IdP Adapter configuration, map the predictor attribute from your
authentication policy to the JSON pointer you defined in PingOne Risk. For help, see Configuring an adapter instance.
MDM example: Map the PingFederate
chainedAttForManagedattribute to the PingOne Risk predictor in your PingOne Risk IdP Adapter configuration.During the authentication flow, the PingOne Risk IdP Adapter gets the predictor attribute from the PingFederate authentication policy and passes it to PingOne Risk. Next, PingOne Risk compares the value to the risk levels you defined and includes it in the risk evaluation.