By sending a device profile and optional user attributes to ThreatMetrix when a user signs on, PingFederate can get a security risk assessment for the sign-on event. You can use this to dynamically adjust the authentication requirements each time a user signs on. For example, by configuring policies in PingFederate and ThreatMetrix, you could require multi-factor authentication (MFA) when a user signs on with a new device.



  • Template and script files
    • When a user signs on through PingFederate, these files create the device profile and send it to ThreatMetrix. There are several files to accommodate a variety of device profiling methods.
  • ThreatMetrix IdP Adapter
    • When a user signs on through PingFederate, the adapter sends the user attributes to ThreatMetrix.
    • The adapter receives the result of the risk assessment as well as other attributes and sign-on event data. The adapter makes this information available in the PingFederate authentication policy.

Intended audience

This document is intended for PingFederate administrators.

If you need help during the setup process, see the following resources:

System requirements

  • PingFederate 9.3 or later
  • A ThreatMetrix account