The links in this document are to the product documentation and will assist in configuring the integrations in your deployment. The following links are to major sections of the documentation related to PingOne Protect:
- Threat Protection using PingOne Protect
- Protect dashboard
- Risk evaluations
- Predictors
- Risk policies
- Protect related alerts
- Suspicious Traffic
- Data Quality Issue
- PingOne Protect Integration Kit
- DaVinci PingOne Protect Connector
- PingAccess integration with PingOne Protect
- PingFederate integration with PingOne Protect
A guide for testing integrations is available to customers, access to the customer portal is required.
The key documents for integrating PingAcess with PingOne Protect are listed below in the order that they should be used for the initial configuration of PingAccess:
- Add a PingFederate connection used by PingAccess:
- PingAccess uses the PingFederate connection to connect to the PingOne services for integration with PingOne Protect.
- Define a PingOne Protect policy based on the requirements of your application in PingAccess:
- The selected predictors are based on the decision in the PingAccess policy to collect or not collect device information using the PingOne Protect Signals SDK.
- If using the SDK, you can create a staging policy to evaluate the impact of not having the predictors that require the SDK.
- Connect PingAccess to PingOne using the PingOne connection credentials.
- Define the rules and authentication challenge policies to be used in your PingAccess risk policy.
- Any instructions sent to the token provider; for example, authentication requirements or prompt parameters should be handled by the token provider. In the case of PingFederate, this may require adjustments to the authentication policies.
- Define your PingAccess risk policy or policies:
- During a learning period, you may simply allow requests through and then apply the rules and challenge policies after the learning period.
- Link risk policy to the application(s) and resources of protected web applications.
The key documents for integrating PingFederate with PingOne Protect are listed below in the order that they should be used for the initial configuration of PingFederate:
- Add a PingFederate connection used by PingFederate to connect to PingOne services such as PingOne Protect.
- Define a PingOne Protect policy based on the requirements of your application in PingFederate:
- You may need more than one policy depending on how you are planning to integrate pingOne Protect into PingFederate.
- Consider creating a staging policy to evaluate the impact of using different predictors or policy settings.
- Connect PingFederate to PingOne using the PingOne connection credentials.
- The latest PingOne Protect Integration Kit should be deployed in your PingFederate cluster:
- This kit is part of the standard PingFederate download and Docker product images provided by Ping.
- An important consideration is the device profiling methods available through the SDK; the default PingFederate templates implement the SDK.
- Configure one or more providers based on your authentication policy needs.
- Configure one or more PingOne Protect IdP adapters based on your authentication policy needs.
- Configure your Identity First and HTML Form adapters to use the PingOne Protect providers:
- The form adapter is covered further down on the provider's page of the link provided.
- Add or adjust authentication policies to leverage PingOne Protect:
- In an initial learning period, you would not take any actions.
- Add rules and take action after the learning period to handle the risk levels.
- For guidance, review the SSO flow in the documentation.