Confirm you have all prerequisites and requirements before configuring PingID integration for Azure AD.
To configure PingID integration for Azure AD, you will need:
- An Azure AD Premium P1 subscription with administrator rights
- A PingOne for Enterprise account with
For more information, see Registering a PingOne for Enterprise account.
If you have users who registered with PingID prior to setting up PingID integration for Azure AD, make sure you map the username to the same
attribute that your PingID users were
registered with, such as the
userPrincipalName attribute (see also Configuring PingID MFA for Microsoft Azure AD Conditional Access). If you need additional attributes to carry over from Azure AD, do not register users
through the Conditional Access flow. Instead, make sure users are created with the required
attributes in PingOne before going
through the Conditional Access flow, such as through SSO or provisioning.
Authorization requests sent from Azure AD to PingID use the Azure AD
userPrincipalName attribute to
identify the PingID user. Other
attributes cannot be configured to identify the user in PingID.