ForgeRock Developer Experience

Integrate with PingOne Protect for risk evaluations

The ForgeRock Login Widget can integrate with PingOne Protect to evaluate the risk involved in a transaction.

Integration with PingOne Protect in journeys is only available in self-managed ForgeRock Access Management 7.5 and later.
A flowchart illustrating how risk predictors evaluate many different data points to determine whether to allow a user access or prompt mitigation.
Figure 1. A flowchart illustrating how risk predictors evaluate many different data points.

You can instruct the ForgeRock Login Widget to use the embedded PingOne Signals SDK to gather information during a transaction. Your authentication journeys can then gather this information together and request a risk evaluation from PingOne.

Based on the response, you can choose whether to allow or deny the transaction or perform additional mitigation, such as bot detection measures.

You can use the audit functionality in PingOne to view the risk evaluations:

Risk evaluation records in the PingOne audit viewer.
Figure 2. Risk evaluation records in the PingOne audit viewer.

Steps

Step 1. Set up the servers

In this step, you set up your ForgeRock and PingOne servers to perform risk evaluations.

For example, you create a worker application in PingOne and configure your ForgeRock server to access it. You also create an authentication journey that uses the relevant nodes.

Step 2. Configure the ForgeRock Login Widget for PingOne Protect

With everything prepared, you can now configure the ForgeRock Login Widget to evaluate risk by using PingOne Protect.

Copyright © 2010-2024 ForgeRock, all rights reserved.