PingID authentication attributes

PingID authentication attributes - PingID

PingID Administration Guide

bundle

pingid

ft:publication_title

PingID Administration Guide

Product_Version_ce

PingID

category

ContentType

Product

Productdocumentation

pingid

ContentType_ce

Product documentation

The following table lists the PingID attributes that can be used to evaluate PingFederate policy upon successful authentication with PingID.

These attributes can be applied to a range of use cases. For example, they can be used to verify authentication assurance levels.

Note:

If the Type is Bypass or Policy Approve, all other authenticating device fields will not return a value.

Attribute	Description
Authenticating Device: Device used to authenticate, regardless of PingID policy
`pingid.authentication.type`	Authentication action type. Options include: POLICY_APPROVE: User automatically approved No authentication action is required by the user. MOBILE_APP_BIOMETRICS: PingID Mobile App biometrics, e.g., FaceID, or Fingerprint MOBILE_APP_SWIPE: PingID Mobile app swipe authentication MOBILE_APP_OTP: PingID Mobile app one-time passcode (OTP) SMS VOICE DESKTOP_OTP: PingID Desktop app OTP YUBIKEY SECURITY_KEY FIDO2_BIOMETRICS OATH_TOKEN AUTHENTICATOR_APP: External authentication app, such as Google authenticator BYPASS: Authentication bypassed
`pingid.authentication.authenticating.device.id`	The unique ID of the device from which the user is authenticating.
`pingid.authentication.authenticating.device.longitude`	Longitude of the authenticating device from which the user is authenticating. Relevant for online authentication only.
`pingid.authentication.authenticating.device.latitude`	Latitude of the authenticating device from which the user is authenticating. Relevant for online authentication only.
`pingid.authentication.authenticating.device.altitude`	Altitude of the authenticating device from which the user is authenticating. Relevant for online authentication only.
`pingid.authentication.authenticating.device.accuracy`	GPS location accuracy of the authenticating device from which the user is authenticating. Relevant for online authentication only.
`pingid.authentication.authenticating.device.ip`	IP address of the device from which the user is authenticating.
`pingid.authentication.authenticating.device.app.version`	App version running on the authenticating device. Relevant for devices running on PingID mobile app.
`pingid.authentication.authenticating.device.model`	Model of the device from which the user is authenticating. Relevant for authenticating devices running PingID mobile app.
`pingid.authentication.authenticating.device.os.version`	OS version installed on the device with which the user is authenticating. Relevant for authenticating devices running PingID mobile app.
`pingid.authentication.authenticating.device.is.rooted`	Indicates whether the device is rooted or jailbroken. Relevant for authentication devices running PingID mobile app.
`pingid.authentication.authenticating.device.is.locked`	Indicates whether the authenticating device has a lock screen configured that requires a passcode. Relevant for authenticating devices running PingID mobile app.
`pingid.authentication.authenticating.device.is.mdm`	Indicates whether mobile device management (MDM) is installed on the authenticating device.
Accessing device: Device used to access the user's account or app
`pingid.authentication.accessing.device.ip`	IP address of the accessing device.