For SMS, voice, and email authentication, you can pre-populate or restrict registration to corporate information that is already defined in your organization's user directory.
These configurations are applied during initial registration and during the registration of additional devices if you have enabled multiple-device capability.
- Pre-Populate
- When registering for PingID, the email, SMS, or voice field is pre-populated with the information defined in your user directory. The user can edit the information or replace it with a different address or phone number.
- Restrict
- When registering for PingID, the email, SMS, or voice field is pre-populated with
the information defined in your user directory. The information is read-only and
cannot be edited by the end user. If information in the user directory is missing
or invalid for a specific device type, the user is not presented with the option
to register with that device.Note:
Applying the Restrict option to an authentication method removes that method when pairing with PingID SSH, VPN, and Windows login integrations, as well as for local users.
Information must be saved to your user directory in Google Library format, which specifies that all phone numbers must include "+" and the international country code. No manipulation or validation is performed when information is extracted from the user directory. For example, if a phone number is not stored in an international format, a prefix is not added, which might cause an error when trying to continue the registration flow. For information about configuring attributes in your user directory, see Configuring the phone number attribute in PingOne and Configuring LDAP attributes in PingFederate.
When PingID is integrated with PingFederate as the identity provider (IdP), confirm that the attribute names under
that are passed to PingFederate exist and match the required SAML message attribute names.