
The OOTB - Device Management - Main Flow presents users with their current multi-factor authentication (MFA) devices. It then presents the options for users to add new devices, change the name or status of existing devices, or remove an existing device.


SUCCESSDisplay user devicesEnable MFACall subflow:Device RegistrationCheck prerequisite fordevice managementUpdate device

This flow is divided into sections using teleport nodes:

Check Pre-requisite for Device Management
Uses PingOne nodes to check for an existing session and retrieve user information. If MFA is enabled for the account, the flow progresses to the Display User Devices section. If MFA is not enabled, the flow progresses to the Enable MFA section.
Enable MFA
Displays a custom HTML template gives the user an option to enable MFA. If the user does so, a PingOne node enables MFA for the account and the flow progresses to the Display User Devices section.
Display User Devices
Uses a PingOne node to retrieve the user's known devices. If the user can add devices, a custom HTML template presents the user with device options. If the user selects Add, the flow progresses to the Add Device section. If the user selects Done or Cancel, the flow progresses to the Return Success section. If the user selects an existing device, the flow progresses to the Update Device section.
Add Device
Invokes the CIAM-Passwordless-Protect-Device-Registration-Subflow flow. It then progresses to the Display User Devices section if the addition was successful or canceled.
Update Device
Presents users with a custom HTML page showing options for a currently selected device. The Save, Default, and Remove options trigger PingOne nodes to save a new device name, set the current device as default, or remove the current device. The flow then progresses to the Display User Devices section.
Return Error
Displays an error message, then sends a JSON error response.
Return Success
Sends a JSON success message.

Input schema

This flow has the following inputs.

Input Name Description


The username of the user whose profile is being updated.

Output schema

This flow has the following outputs.

Output Name Description


The error message to display in the parent flow.


The error code to display in the parent flow.

Variables and parameters

This flow uses the following variable or parameter values.

Variable name Parameter name Description



The number of minutes after which a session is no longer valid.



The HTML style to use for your company logo.



The URL for your company logo.



Displays the name of your company.



A boolean indicating whether one-time passcode using sms is enabled in your environment.



A boolean indicating whether one-time passcode using email is enabled in your environment.



A boolean indicating whether FIDO passkey is enabled in your environment.