Possible use cases include:

  • User name mapping from Windows login. For example, map the sAMAccountName to the User Principal Name (UPN) in your LDAP directory to align the user to a single PingID user identity.
  • Creating group-based policies in either PingFederate or PingID.
  • Integrating PingFederate orchestrated on-premise or third-party authentication methods into the authentication flow.

The following diagram illustrates the authentication flow when integrating PingID with Windows login through PingFederate.

This section describes how to integrate Windows login with PingID through PingFederate using PingFederate authentication policy. The process includes:

  1. Installing the PingID Integration Kit for PingFederate.
  2. Configuring a PingID Adapter instance (Windows login).
  3. Configuring an authentication policy.
  4. Configuring policy contract grant mapping.
  5. Configuring access token management.
  6. Configuring an OpenID Connect policy (Windows login).
  7. Configuring an OpenID Connect client.
  8. Installing the PingID integration for Windows login on all relevant Windows machines.

It is also possible to integrate using IdP Adapter mapping. For more information, contact your support representative.