Skip to content

ForgeRock/p1p-400

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 

Repository files navigation

PingOne Protect 400: Data Analysis and Configuration of Protect Integrations

The links in this document are to the product documentation and will assist in configuring the integrations in your deployment. The following links are to major sections of the documentation related to PingOne Protect:

A guide for testing integrations is available to customers, access to the customer portal is required.

Configuring PingAccess Integration With PingOne Protect

The key documents for integrating PingAcess with PingOne Protect are listed below in the order that they should be used for the initial configuration of PingAccess:

  1. Add a PingFederate connection used by PingAccess:
    • PingAccess uses the PingFederate connection to connect to the PingOne services for integration with PingOne Protect.
  2. Define a PingOne Protect policy based on the requirements of your application in PingAccess:
  3. Connect PingAccess to PingOne using the PingOne connection credentials.
  4. Define the rules and authentication challenge policies to be used in your PingAccess risk policy.
    • Any instructions sent to the token provider; for example, authentication requirements or prompt parameters should be handled by the token provider. In the case of PingFederate, this may require adjustments to the authentication policies.
  5. Define your PingAccess risk policy or policies:
    • During a learning period, you may simply allow requests through and then apply the rules and challenge policies after the learning period.
  6. Link risk policy to the application(s) and resources of protected web applications.

Configuring PingFederate Integration With PingOne Protect

The key documents for integrating PingFederate with PingOne Protect are listed below in the order that they should be used for the initial configuration of PingFederate:

  1. Add a PingFederate connection used by PingFederate to connect to PingOne services such as PingOne Protect.
  2. Define a PingOne Protect policy based on the requirements of your application in PingFederate:
    • You may need more than one policy depending on how you are planning to integrate pingOne Protect into PingFederate.
    • Consider creating a staging policy to evaluate the impact of using different predictors or policy settings.
  3. Connect PingFederate to PingOne using the PingOne connection credentials.
  4. The latest PingOne Protect Integration Kit should be deployed in your PingFederate cluster:
    • This kit is part of the standard PingFederate download and Docker product images provided by Ping.
    • An important consideration is the device profiling methods available through the SDK; the default PingFederate templates implement the SDK.
  5. Configure one or more providers based on your authentication policy needs.
  6. Configure one or more PingOne Protect IdP adapters based on your authentication policy needs.
  7. Configure your Identity First and HTML Form adapters to use the PingOne Protect providers:
    • The form adapter is covered further down on the provider's page of the link provided.
  8. Add or adjust authentication policies to leverage PingOne Protect:
    • In an initial learning period, you would not take any actions.
    • Add rules and take action after the learning period to handle the risk levels.
    • For guidance, review the SSO flow in the documentation.

Releases

No releases published

Packages

No packages published