1. In the PingFederate administrative console, go to Authentication > Policies > Policies.
  2. To create a new policy, click Add Policy.
  3. Configure the Policy window.

    Screen capture illustrating the Name, Description, and Policy fields on the Policy window in PingFederate.
    1. In the Name field, enter a name.
    2. In the Description field, enter a description.
    3. From the Policy list, go to Selectors and choose your previously created selector.
      After choosing your selector, additional fields display that require you to identify which authentication adapters to use for internal and external users.
  4. From the additional lists that display, configure the authentication adapters to be used for internal and external users.

    Screen capture illustrating the internal and external authentication adapter lists in PingFederate.
  5. Click Done.
  6. Click Save.
  7. To enable the network-based adaptive authentication policy, go to Authentication > Policies > Policies and select the IDP Authentication Policies check box.

    Screen capture illustrating the IDP Authentication Policies check box selected on the Authentication Policies window in PingFederate.
  • Map the policy contract you used after completing the adaptive authentication within your SAML connections and/or OAuth persistent grants.
  • You can hierarchically organize the policy to appear earlier or later in the Policy list.

    To configure PingFederate with multiple authentication policies or specify the order in which they are presented, go to Authentication > Policies > Policies.