PingOne

Getting started with PingOne Credentials

Learn how to get started with PingOne Credentials.

To try out issuance and verification demos for PingOne Credentials, learn more in PingOne Credentials issuance and PingOne Credentials verification test.

These demos don’t require any set up.

Before you begin

To get started with and access PingOne Credentials, you must have:

To set up PingID as your digital wallet, you must have:

  • The PingID mobile app.

  • A new environment with a workforce solution. Learn more in Building solutions.

    A screen capture of the Create Environment page with Workforce solution selected.

    You must create a new environment with a workforce solution to use PingID as your wallet. We are currently working on a way to add PingID to an existing environment to remove this limitation.

  • The PingOne Credentials and DaVinci service in your environment.

    A screen capture of PingOne Credentials service selected.

  • A credential. Learn more in Creating a credential. For compatibility with the DaVinci flows used for testing, the Issue, Update, and Revoke issuance rules should be set to Periodic, and the PingOne Credentials fields must include the following attributes:

    • Name - Given Name

    • Name - Family Name

    • Title

  • PingID selected as your wallet. Learn more in Creating a credential.

    A screen capture of the PingID digital wallet selected.

To test pairing PingID and issuing a credential, you must:

  1. Download the PingOne Neo Starter Flow - Setup a User Digital Wallet.

  2. Import the flow using the instructions on how to import a flow in How to create a flow in the DaVinci documentation.

  3. Launch the flow.

To test verifying a credential, you must:

  1. Download the PingOne Neo Starter Flow - Verifiable Credential Presentation Request.

  2. Import the flow using the instructions on how to import a flow in How to create a flow in the DaVinci documentation.

  3. Launch the flow.

Developing and registering the wallet app that runs the PingOne Neo SDK

About this task

The mobile app guides the user through the process of accepting and sharing credentials. Each user is invited to install and pair their digital wallet by installing a customer-developed app running the PingOne Neo SDK.

Steps

  1. Develop an app (for iOS or Android) that runs the PingOne Neo SDK, or embed the SDK into an existing app.

    Learn more in PingOne Neo SDK.

  2. In your PingOne admin console, create a PingOne application to register your wallet app:

    1. Go to Applications → Applications.

    2. Click the icon.

      Result:

      The Add Application panel opens.

    3. Enter the appropriate Application Name and Description.

    4. In the Application Type section, click Native.

    5. Click Save.

      Result:

    The details panel opens.

  3. To configure the app, on the Mobile tab, click the Pencil icon:

    1. Click Configure for Android to configure the app for Android and provide the Package Name for Google Play Services or the Package Name and App ID for Huawei Mobile Services.

    2. Click Configure for iOS to configure the app for iOS and provide the Bundle ID, as registered in the app store.

    Screen capture of the application details panel which the admin can choose to configure.

  4. Optional: To allow push notifications, click Add Push Notifications:

    1. For Android apps that use Google Play Services, enter a Server Key, as provided by FCM.

    2. For Android apps that use Huawei Mobile Services, enter a OAuth 2.0 Client ID and Client Secret.

    3. For iOS, enter the Team ID, Select a file for theAuthentication Token Signing Key, and enter the Key ID, as provided by Apple to your organization.

  5. In the Settings section:

    1. To turn on Device Integrity Check, click On to prevent the use of compromised devices for pairing or authentication.

    You can enable device integrity checking separately for Google play Services and iOS.

    1. Adjust the Cache Duration, the last device integrity check will be cached for a minimum of 1 minute or a maximum 48 hours.

    2. If your organization is using the PingOne MFA SDK to allow authentication with a QR code in certain flows, provide the relevant Universal / App Link or URI scheme that the application should use for this purpose, depending on which deep-linking mechanism the app developers used.

    3. Use the Passcode Refresh Duration field to specify the amount of time a passcode should be displayed before it’s replaced with a new passcode.

    4. To turn on Configuration for Credentials Digital Wallet link, click On, and enter a Digital Wallet Link.

      The Package Name, App ID, Bundle ID, and push notification settings cannot be modified after you save the application.

  6. Click Save.

    To enable or disable your application in PingOne, click the toggle on the Applications page.