The easiest route - we'll conduct a 15 minute phone interview and write up the review for you.
Use our online form to submit your review. It's quick and you can post anonymously.
We use PingFederate to provide SSO (Single Sign-On) solutions to enterprise applications. We support protocols like SAML (Security Assertion Markup Language), OAuth, and OpenID Connect. For example, an organization wants to enable SSO for their applications. We use PingFederate to integrate those applications and onboard them with their IdP (Identity Provider).
PingFederate's scalability features supported our organization's growth.
We use PingFederate as an identity provider (IdP). At the back end, we have Active Directory and Ping Directory as user stores for authentication. For our company, where we have around one million users and a thousand applications, PingFederate enables single sign-on (SSO) using the SAML protocol.
People have different email IDs and applications. Instead of users needing to remember a thousand different credentials, they can authenticate with a centralized system and use a single set of credentials to log in to all authorized applications. This provides a seamless user experience.
PingFederate is very flexible. We can do many customizations, and it also provides an SDK to tailor it to our specific requirements. There are also numerous plugins available. I've worked with tools like ForgeRock and Okta, but I find PingFederate to be the most customizable.
It provides basic SSO functionality, but we can easily extend it. For instance, if a client requires multi-factor authentication (MFA) beyond username and password, such as OTPs or knowledge-based answers, we can integrate those.
Ultimately, we tailor the solution based on client needs. In fact, I've also worked in presales, demonstrating the capabilities of PingFederate through POCs (Proof of Concepts).
It requires some expertise to set up and manage. Also, having dedicated support is helpful. It's not something anyone can just set up and run without assistance – ideally, a team using PingFederate should have at least one or two people with in-depth knowledge of the product.
I have a total of eight plus years of experience using the complete Ping suite, which includes PingFederate, PingAccess, PingDirectory, and everything.
I have enterprise-level knowledge of all the products. I have implemented, developed, and supported Ping solutions.
I've used both on-premises and cloud setups, and I haven't experienced any stability issues so far. The stability depends on how you configure your infrastructure. But overall, the stability is very good.
PingFederate provides different scalability options. We can set it up in a cluster for a large user base. For instance, we can have two or three servers at the back end to distribute the load and ensure stability. We can install PingFederate in a clustered configuration.
This way, requests are distributed equally, and we can tailor the setup to the number of users. If the user base is small, two servers might be enough. For a larger number of authentication requests, we could use four or five PingFederate servers at the back end.
The support is good. If you have issues, they respond promptly. You just need to provide clear and detailed information about your problem.
For PingFederate implementation, we have different options. We can have an on-premise implementation, meaning we install it on our own procured servers. Alternatively, we can use the cloud version of PingFederate.
The initial setup itself isn't overly complex. With the cloud version, it's primarily deploying WAR files.
While the full implementation takes time due to development and testing, the core installation process is relatively straightforward.
Ping offers flexible pricing that's not standardized. Subscription length will impact the price – for example, a three-year subscription will likely be cheaper than a one-year option.
Additionally, if you require a higher level of support, that will influence the pricing. It depends on your specific requirements and support needs.
I definitely recommend PingFederate. If not the on-premises version, the cloud version is also a good option. We can determine the best approach based on your specific requirements.
PingFederate is a great tool with a lot of customization options. It even offers agent-based integrations for older legacy applications that don't support modern protocols like SAML or OAuth. We just need to install JAVA agent on the application server, and there it will take the request and take it forward to the PingFederate.
Based on ease of use and everything, I'll rate it a nine out of ten. I've used Okta, and that's a bit more complex in comparison.
It requires some expertise to set up and manage. Also, having dedicated support is helpful. It's not something anyone can just set up and run without assistance – ideally, a team using PingFederate should have at least one or two people with in-depth knowledge of the product.
In my company, we use PingFederate for federated connections and some ADC connections to arrange for single sign-on across our infrastructure and customers.
The most valuable feature of the solution is that PingFederate is very customizable since it allows its user to write in Java while using Spring, allowing for any plugin for almost any place or entity inside of it. You can modify everything, and it's a very suitable tool, more than Okta or Azure AD when you have a non-standard structure since it allows for customization and runs as a separate solution or a service.
Notifications and monitoring are two areas with shortcomings in the solution that need improvement.
I have been using PingFederate for more than five years. I use the solution's latest version. I am a customer of the solution.
I haven't faced any issues while walking with the solution. It is a stable solution. Stability-wise, I rate the solution a ten out of ten.
It's a very scalable tool because it allows those working on it to work with clusters, especially if we discuss PingFederate's horizontal scalability. One can use any number of nodes needed, but usually, two or three nodes are enough during the production phase.
For how the solution has been set up and programmed, I rate the solution's scalability a nine out of ten.
Owing to an NDA that my company has signed, I can't disclose the exact number of my company's customers who use the solution, but I can say that many use the solution, and it goes more than 50 in number.
My company does contact the solution's technical support from time to time in relation to the custom components that are due for updates. If we have built something very custom and something inside of PingFederate changes, then we contact the support team. The response from the support team is pretty quick. Mostly our company's issues related to the solution get resolved with the help of the technical team.
PingFederate provides pretty good documentation for the initial setup, but it's a large one requiring users to spend time on it.
If one is familiar with other authorization services, like Keycloak, it is possible to adopt PingFederate quickly.
The solution is deployed on the cloud, and we use the cloud services Amazon provides according to their documentation.
The deployment phase of the tool usually takes less than five minutes.
PingFederate allows us to untie our hands within our work environment, which involves many scenarios in terms of customization.
I would ask those planning to use the solution for the first time to research their infrastructure to utilize the other services in PingFederate. If they use the services of some other vendor, like Azure AD or other solutions, then it would be easier to use PingFederate since it may be less pricey.
I rate the overall solution a nine out of ten.
