If your organization wants to use PingID as an authentication solution for federated single sign-on (SSO) with PingFederate, you must install the PingID Integration Kit.
For instructions specific to the Windows Login Integration, see Installing PingID Integration Kit for PingFederate (Windows login).
PingID Integration Kit Requirements
Before you install the PingID Integration Kit:
- Register for the PingID Enterprise service on PingOne.
- Configure the PingID service and download the PingID properties file (see Managing the PingID properties file).
- Ensure you have installed the relevant PingFederate version as follows:
- Beginning with PingID Integration Kit 2.11, PingFederate 10.0 or later is required
- Beginning with PingID Integration Kit 2.10, PingFederate 9.3 or later is required
- Beginning with PingID Integration Kit 2.6, PingFederate 9.2 or later is required
- Beginning with PingID Integration Kit 1.4, PingFederate 8.4 or later is required
- PingID Integration Kit 1.3 or earlier: requires PingFederate 8.3 or earlier (minimum supported version PingFederate 7.3)
- Ensure you have network access to your PingFederate installation.
- Ensure you have administrator permissions on PingFederate.
- Open ports:
- 443 (outbound to Internet)
- 1812 (UDP, to/from RADIUS clients)Note:
Port 1812 is required only if you plan on using the password credential validator (PCV) for RADIUS. This is the default port for RADIUS, but you also have the option of setting a different port number for the RADIUS client and RADIUS PCV. To change the port for the PCV, use the RADIUS Server Authentication Port option.
For further details about required web access, see PingID required domains, URLs, and ports.
If you are using PingFederate 8.2 or later, the PingID Integration Kit is bundled as part of the PingFederate installation.
If you're doing any of the following, you must install the integration kit manually:
- Updating your current version of the PingID Integration Kit to a newer version.
- Using a version of PingFederate earlier than 8.2.
- Installing the optional PingID Offline MFA feature. PingID offline MFA requires that device
information be stored on the user directory for retrieval when PingID is offline. You must configure your
organization's user directory to use this feature. For more information, see
User directory for PingID offline MFA.Note:
Offline MFA requires the PingID Integration Kit 2.0 or later.
To install the integration kit to integrate PingID with your VPN, see Installing the PingID Integration Kit for VPN.