PingOne
Configuring the Veza integration for Ping Identity
Early Access: Please contact our support team to enable the PingOne integration for your platform.
Overview
The Veza integration for Ping Identity enables discovery of PingOne Users, Groups, Roles, Populations, Applications, and external Identity Providers.
Once configured, you can use the integration to:
Extract and search for user attributes, including custom attributes.
Display users and their assigned applications based on group membership.
Review all users, identity providers, and applications in a PingOne environment.
Add custom mappings to define relationships with other integrated systems.
See notes and supported entities for more information.
Setting up the PingOne Integration
Create a new application to access all environments
In one of your environments, navigate to Connections > Applications.
Click on + to add a new application.
In the Roles tab, click Grant roles.
Proceed to the Veza platform to complete the integration using the client secret, client ID, and environment ID obtained from step 6.
Add integration to the Veza Platform
Within Veza, navigate to Integrations.
Click Add New and choose Ping One as the integration type.
Provide the necessary details and click Save.
Field | Notes |
---|---|
Environment ID | Unique identifier for a specific environment within the PingIdentity platform. |
Client ID | Unique identifier for the client application. |
Client Secret | Confidential key used by the integration. |
Region | The region of your Ping One organization, for example, |
Optionally, you can define Custom Properties for PingOne users that Veza should recognize. PingOne supports two types of custom attributes: Declared (string attributes, possibly multivalued) and JSON (structured). Veza currently recognizes only Declared attributes (strings and lists of strings). JSON attributes are not supported at the moment.
Before finalizing the configuration, consider adding a custom identity mapping for any data sources that Ping Users might access.
Notes and Supported Entities
After setting up the integration, Veza will recognize the following entity types and attributes:
Ping One Organization
An Organization is the primary entity within Ping Identity, encompassing one or more Environments. Each environment is configured individually.
Attributes supported by Veza:
OrganizationType
Description
Ping One Environment
Each PingOne Environment houses distinct sets of Users, Groups, Applications, and Identity Providers.
Attributes supported by Veza:
OrganizationID
Region
Description
EnvironmentType
Ping One User
A User entity represents an account or digital identity utilized for single sign-on with applications integrated with PingIdentity IAM solutions.
Attributes supported by Veza:
EMail
CreatedAt
UpdatedAt
UserLastLogin
UserIsActive
UserIsLocked
MFAActive
FirstName
LastName
NickName
IDPUniqueID
CountryCode
Region
EmailVerified
ExternalID
LifecycleStatus
VerifyStatus
Title
Username
RoleAssignments
Ping One Application
Users can access different applications based on their configurations within Ping:
Veza supports application attributes:
CreatedAt
UpdatedAt
UserIsActive
HiddenFromUI
LoginPageURL
Protocol
Type
ACLAdminUserOnly
ACLGroupsAll
ACLGroupsAny
ServiceProviderEntityID
AcsUrls
Within Ping, application access can be limited 1) only to admins and 2) based on group membership. There are different options for group membership requirements:
No group limitation
Users must belong to any of the selected groups
Users must belong to all selected groups
Ping One Group
A group consists of users who might be granted access to Applications and can be associated with Populations.
Attributes supported by Veza:
IDPUniqueID
UserFilter
Description
Population
ExternalID
Ping One Population
In addition to groups, Ping Identity introduced Populations that can be associated with Users and Groups.
Attributes supported by Veza:
Default
Description
Population
Ping One Role
Roles are collections of permissions assignable to an application, connection, or user. Examples include roles like Organization Admin
or Client Application Developer
.
Attributes supported by Veza:
Permissions
Description
Scope
Last updated