The best threat protection often means leveraging multiple risk and fraud services. PingOne Protect allows administrators to send third-party data and other risk signal vendor scores, for example sending information from PingFederate whether a device is managed and not.

There are three steps to ingesting third-party risk data into PingOne Protect:

  1. Send the third-party data to PingOne Protect by creating custom attributes to map the values to.
  2. Validate that PingOne Protect received the third-party data.
  3. Configure a custom predictor using the custom attributes.

    Custom predictors allow you to plug in external data sources and reference custom attributes. You can use custom predictors to determine a risk score for unmanaged devices or map third-party risk scores to high, medium, or low. You can also add custom predictors to risk policies, apply overrides, and view analytics in the dashboards.

Sending third-party data to PingOne Protect

PingOne Protect cannot invoke a third-party API directly, so the external data must be sent into the evaluation call from another service, and the values need to be mapped into custom attributes.

Depending on your identity service providers, there are multiple ways to send third-party data to PingOne Protect:

PingOne DaVinci
The most straightforward approach is using PingOne DaVinci to retrieve a third-party data feed and pass the response back into PingOne Protect. Use purpose-built PingOne DaVinci connectors to get risk evaluations from vendors such as Castle, LexisNexis, or Securonix. You can also configure a generic REST call to get risk information from other vendors.

For more information, see:

Use PingFederate integration kits to retrieve third-party data in combination with the PingOne Protect Integration Kit to configure custom attributes to map the data into PingOne Protect.

For more information, see:

PingOne API
Use the PingOne API to retrieve risk evaluations from third-party risk providers. You can add custom attributes to event objects by adding the attribute to the event object in the body of a risk evaluation request. For more information, see Risk evaluations.
PingOne Authorize
Use PingOne Authorize to call PingOne Protect for risk evaluations as part of a PingOne authorization policy. For more information, see Connecting to PingOne Protect.

Validating received third-party data in PingOne Protect

After you send the third-party data to PingOne Protect, validate that the data was received either using the PingOne admin console or the API:


In a risk evaluation, the custom attributes appear in the event {...} section near the end of the JSON in a risk evaluation.

Configuring custom predictors using custom attributes

After sending third-party data and validating that it was received in PingOne, configure custom predictors that use the custom attributes that you previously created: