Adding PingOne Verify to your user registration flow
By modifying your PingFederate authentication policy to include the PingOne Verify IdP Adapter policy fragment, you can challenge users to verify their identity as part of the self-service registration process.
Steps
-
In the PingFederate administrative console, go to Authentication > Policies > Policies.
-
Select the IdP Authentication Policies checkbox.
-
Open the authentication policy that you created in your initial registration configuration.
-
In the Policy area, define a policy path for user registration.
-
Under the HTML Form Adapter instance, click Rules.
-
On the Rules dialog, in the Attribute Name list, select policy.action.
-
In the Condition list, select equal to.
-
In the Value field, enter
identity.registration. -
In the Result field, enter a name, such as
Registration. This appears as a new policy path that branches from the PingOne Verify IdP Adapter. -
Click Done.
-
-
After the HTML Form Adapter instance, for the Fail path, select Done.
-
After the HTML Form Adapter instance, for the Registration path, select the local identity profile that you created for PingOne Verify.
-
Click Local Identity Mapping.
-
On the Inbound Mapping tab, map the registration form fields to the input policy contract attributes.
Table 1. Example mappings Inbound Mapping Fulfillment Value firstName
regFirstName
email
registrar@example.com
-
On the Contract Fulfillment tab, map values for the outbound contract.
Table 2. Example mappings Outbound Mapping Fulfillment Source Value attr1
Local Identity (Verify Identity Profile)
email
subject
Local Identity (Verify Identity Profile)
firstName
-
Click Done.
-
-
After the HTML Form Adapter instance, for the Success path, configure the standard (non-registration) authentication path.
-
Click Done.
-
In the Policies window, click Save.