For CyberArk and Ping Identity best practices, deploy multi-factor authentication (MFA) for all single sign-on (SSO) requests to the CyberArk Password Vault Web Access (PVWA).
Configure the PingOne for Enterprise authentication policy to invoke PingID MFA.
- Go to .
- In the Authentication Providers section, select the Enable authentication policy check box.
In the Authentication Policy Context section, in the
Apply on application launch section, select the
applicable CyberArk application check boxes.
PingID MFA is enabled for SAML-based SSO authentication to the CyberArk PVWA.