Verify that your PingOne environment has the necessary configuration to run the PingOne for Customers Plus solution and enable all of the features you want to use.
These steps ensure that the PingOne configuration is correct and enable features such as magic links, agreements, and social sign-on.
- Optional:
If you want to use magic links, verify that you have an email server and an
email notification template configured in PingOne.
For more information about email servers, see Configuring Trusted Email Addresses.
For more information about adding and customizing notification templates, see Adding a notification and Editing a notification.
- Go to Settings > Sender.
- On the Email tab, select Ping Server.
- In the Domain list, select your trusted email domain.
-
Enter the sender details:
From Name: Enter the name that appears as the sender's name in the email message.
From Address: Select an email address from the list, or click New to open the New Address page and create a new address.
-
Enter the reply-to details:
Reply-To Name: Enter the name that appears as the reply-to name in the email message.
Reply-To Address: Select an email address from the list, or click New to open the New Address page and create a new address.
- Click Save.
- Go to User Experience > Notification Templates.
-
Verify that a notification template using the magic link exists. You
can use the default General template or another
email template.
You must reference the magic link in the email notification template text using HTML. For example:
<div style="display: block; text-align: center; font-family: sans-serif; border: 1px solid #c5c5c5; width: 400px; padding: 50px 30px;"> <img class="align-self-center mb-5" src="${logoUrl}" alt="${companyName}" style="${logoStyle}"/> <h1>Success</h1> <div style="margin-top: 20px; margin-bottom:25px"> <p> Please click the link below to confirm your email for Authentication. </p> <a href="${magicLink}" style="font-size: 14pt">Confirmation Link</a> </div> </div>
-
Verify that you have an multi-factor authentication (MFA) policy configured in
PingOne.
For more information, see the MFA documentation.
- In PingOne, go to Authentication > MFA..
-
Click the MFA policy marked as the default and verify that its
Allowed Authentication Methods include the
authentication methods that you want to use from the following:
- SMS
- FIDO2
-
Verify that the default population exists:
- Go to Directory > Populations.
- In the list of populations, verify that a population is marked as Default.
- If no existing population is marked as Default, select a population and click More options (⋮) > Edit Population.
- Click Make Default Population.
- Click Switch.
- Click Save.
- Optional:
If you plan to use FIDO2, verify that the default
Passkeys policy is selected.
For more information about FIDO policies, see the FIDO documentation.
- Go to Authentication > FIDO.
- Verify that the Passkeys policy is marked as the default.
- If the Passkeys policy is not the default, click ⋮ > Make Default. then click Save.
- Optional:
If you plan to use an agreement, verify that you have an agreement configured
in PingOne and copy the
agreement ID.
For more information about configuring agreements, see Adding an agreement.
- Go to User Experience > Agreements.
- Verify that the agreement exists and is enabled.
- Click the Expand icon for the agreement.
-
Copy the Agreement ID.
The agreement ID is used in a later procedure to configure the flows in DaVinci.
- Optional:
Verify that you have an external identity provider configured in PingOne for each valid third
party you want to use as a social sign-on option. For more information about how
identity providers are used in PingOne, see Identity Providers.
-
If you want to use Google as a social sign-on option, verify that
Google is configured as an IDP according to the procedure in Adding an identity provider - Google. During
configuration, use the following property mappings.
Google Property PingOne Property email address
username
email address
email
family name
family name
given name
given name
-
If you want to use Facebook as a social sign-on option, verify that
Facebook is configured as an IDP according to the procedure in Adding an identity provider - Facebook.
During configuration, use the following property mappings.
Facebook Property PingOne Property email address
username
email address
email
family name
family name
given name
given name
-
If you want to use Apple as a social sign-on option, verify that Apple
is configured as an IDP according to the procedure in Adding an identity provider - Apple. During
configuration, use the following property mappings.
Apple Property PingOne Property email address
username
email address
email
-
If you want to use Google as a social sign-on option, verify that
Google is configured as an IDP according to the procedure in Adding an identity provider - Google. During
configuration, use the following property mappings.