If you have a PingID account that has been integrated with PingOne you can update it to support the FIDO2 authentication method. This allows you to benefit from the full range of options in the enhanced FIDO2 policy.
The FIDO2 authentication method replaces the deprecated FIDO biometrics and security key authentication methods and offers expanded configuration options and support for a wide range of FIDO authentication devices, including cloud-synced FIDO devices.
If you have already integrated your PingID account with a PingOne environment, update it to use the enhanced FIDO2 policy.
- Updating to FIDO2 permanently inactivates the legacy FIDO2 biometrics and Security Key authentication methods and cannot be undone. Note that at this stage, the FIDO2 authentication method cannot be used with DaVinci-based flows.
- After updating a PingID account to use the FIDO2 authentication method it is no longer possible to unlink the PingID account from the PingOne environment. Deleting the PingOne environment will also delete the possible to unlink the PingID account.
-
In the Alternate Authentication Methods section, in the
FIDO2 row, make sure the
Enable and Pairing check boxes
are selected.
Note: If you previously enabled Security Key or FIDO2 Biometrics authentication methods, those options are greyed out. These authentication options are removed and become legacy when you save the configuration changes.
-
Click Save. You'll see the following warning
message:
All Security Key or FIDO2 Biometrics authentication methods and associated configurations are upgraded to the FIDO2 authentication method.
In PingOne, the FIDO2 policy shows the full range of options available, as well as the default Passkey and Security Key policies. To learn more about FIDO2 policy configuration, see Creating a FIDO policy in the PingOne Cloud Platform documentation.