The ThreatMetrix Integration Kit allows PingFederate to communicate with ThreatMetrix for risk-based authentication.
By sending a device profile and optional user attributes to ThreatMetrix when a user signs on, PingFederate can get a security risk assessment for the sign-on event. You can use this to dynamically adjust the authentication requirements each time a user signs on. For example, by configuring policies in PingFederate and ThreatMetrix, you could require multi-factor authentication (MFA) when a user signs on with a new device.
Features
- Supports the ThreatMetrix "web" and "SDK" device profiling scripts. For details, see Introduction to Profiling in the ThreatMetrix documentation.
- Supports device profiling in any browser-based authentication source or web application. For details, see Device profiling methods.
- Supports the PingFederate Authentication API.
- Supports the JavaScript Widget for the PingFederate Authentication API.
Components
- Template and script files
- When a user signs on through PingFederate, these files create the device profile and send it to ThreatMetrix. There are several files to accommodate a variety of device profiling methods.
- ThreatMetrix IdP Adapter
- When a user signs on through PingFederate, the adapter sends the user attributes to ThreatMetrix.
- The adapter receives the result of the risk assessment as well as other attributes and sign-on event data. The adapter makes this information available in the PingFederate authentication policy.
Intended audience
This document is intended for PingFederate administrators.
If you need help during the setup process, see the following resources:
- The following sections of the PingFederate documentation:
- The following sections of the ThreatMetrix documentation:
System requirements
- PingFederate 9.3 or later
- A ThreatMetrix account