What is our primary use case?
I am into cybersecurity IAM and have excellent experience with Ping Identity, especially. I work on implementing SSO using Ping Identity with application support protocols such as SAML 2.0 and OAuth/OIDC connections in production and non-production environments.
I validate applications and functionalities on PingFederate and PingAccess, provide 24/7 support on prod/non-prod environments, troubleshoot issues, renew certificates, gather requirements, implement changes, and integrate new applications into Ping.
I also provide authentication and authorization services to applications. I have been working with the operations team and, for the last six months, have upgraded to the engineering team. I create policies, adapters, and selectors for clients.
How has it helped my organization?
We implement multi-factor authentication because two-factor authentication had a lot of problems. We have to move to multi-factor authentication for security purposes. We had to implement multi-factor authentication before onboarding the SSO applications.
It is not an easy tool to use. There are two flows: internal and external.
For internal flows, we use Azure AD authentication for seamless SSO. Users do not need to enter a user ID or password. Once they are authenticated by Azure AD, they are redirected to the application page.
For external users, the application teams are using multi-factor authentication.
What is most valuable?
I like PingFederate. The application support side of PingFederate is the best.
What needs improvement?
The application only supports specific protocols. SAML is more secure than OAuth or OIDC because OAuth and OIDC expose user ID and password. It's similar to using grant types for access and authorization in production and non-production environments. These are the areas that need improvement.
For how long have I used the solution?
I have been using it for three to four years.
What do I think about the stability of the solution?
We had issues with the stability. After the deployment, SSO did not work. The priority was very high because implementation and deployment were complete. I contacted my manager and the applications team and set up a call with Ping Identity for an immediate response. After that, I cleared the issue within 15 to 20 minutes.
We have to use protocols like OAuth 2.0 for stability and secure use of third-party applications. Many applications using OAuth 2.0 is the most safe and secure, I think.
I would rate the stability an eight out of ten.
What do I think about the scalability of the solution?
How are customer service and support?
A lot of teams work with technical support, but I work with it for user issues only. You might need support with things like application swaps, application names, and application URLs.
I didn't know where to find those in Ping Identity, so I contacted technical support for those issues.
The support team is very clever and active. They provide end-to-end support once an issue is created. I have worked with most of the support team.
I also work with the support team because I work with the operations team. I provide 24/7 support to production and non-production environments.
I coordinate with application and network teams to troubleshoot critical tickets and issues related to Ping Identity solutions.
How would you rate customer service and support?
How was the initial setup?
The initial setup is difficult.
Integration process with the existing system:
Before creating user access, we first need to ensure the third-party application supports SSO protocols like SAML, ROA, or OpenID Connect. We gather necessary metadata files from the configuration information required by the PingFederate. Then, we select the application type based on the capabilities and requirements of the third-party application. Ping Identity Platform options may include SAML SP or Ping, OpenID Connect, and reliant party.
Next, we configure application settings, providing basic information such as the application name and description, along with relevant details.
Input the necessary URL, endpoint, and metadata provided by the third-party application. Configure authentication settings, including the signing certificates and encryption method. Then, proceed to attribute mapping, where we map attributes between PingFederate and the third-party application. This ensures user information is correctly extended during the SSO transaction. Define which attributes should be sent out and issued by the application.
Next, we define access policies to control which users or groups can access the third-party application, configuring authorization rules and permissions as needed. Use PingFederate's testing tools to ensure the SSO integration is functioning correctly, testing authentication, attribute mapping, and any other relevant features. Once the Ping integration is successful, deploy the configuration to make it live. Ensure any necessary firewall rules or network configurations are in place to allow communication between Ping and the third-party application.
What other advice do I have?
Overall, I would rate it a seven out of ten. Ping Identity is a multinational company, and many MNCs and small-scale industries approach them to implement SSO or MFA. Basic information like data users and data centers are all in the Ping Gateway.
I would recommend it to others. I love Ping Identity products. We use PingFederate, PingAccess, PingOne, and PingID for authentication and authorization. I use PingID on my mobile phone for MFA. It safely and securely accesses my applications without any interruption.
PingID and PingOne are used for authentication and authorization. When MFA is used, you're using PingID on your mobile phone. But PingOne securely accesses my applications without interruption. Within a fraction of a second, I can log in and access any application.
Ping Identity products like PingFederate are safe. They help cybersecurity teams prevent ransomware, any interruption data theft, and money theft for banking products. They offer 24/7 support and monitoring. Ping Identity products are 100% safe and secure.
*Disclosure: I am a real user, and this review is based on my own experience and opinions.