PingOne DaVinci

Configuring a flow policy

Configure flow policies to control which flows and flow versions are displayed for users.

Steps

  1. On the Applications tab, browse or search for the application and click Edit.

  2. On the Flow Policy tab, click + Add Flow Policy.

  3. In the Policy Name field, enter a name for the flow policy.

  4. Select PingOne Flow Policy to enable flows in the policy to be launched directly through PingOne.

    This option cannot be changed after the flow policy is created. PingOne flow policies can only include flows and flow versions that have the PingOne Flow setting enabled.

  5. (Optional) If the flow policy is a PingOne flow policy, select one or more options for skipping the flow if an existing session is found.

    This option is useful if you want to avoid unnecessary flow executions for users who already have a session.

    1. Select Password Based Authentication to skip the flow if a password-based session exists, and select MFA Based Authentication to skip the flow if an MFA-based session exists.

    2. For each selected authentication method, provide a time range by entering a number and selecting minutes, hours, or days. The flow is only skipped if the existing session was created within the time range you select.

  6. Click Next.

  7. Add one or more flows to the policy:

    1. In the Flows section, select a flow.

    2. In the Version section, select one or more versions of the flow to use.

      The Latest Version option always uses the latest version.

    3. (Optional) Repeat the previous steps to add additional flows.

  8. Click Next.

    Result:

    The Edit Your Weight Distribution modal opens.

  9. Add weight distribution and analytics information for each flow and flow version:

    1. In the Distribution field for each flow version, enter or select a distribution weight from 1 - 100.

      When a flow policy with more than one flow is invoked, the flow policy selects a flow to run, using the distribution weight for each flow as the percent chance of its selection. You can use this feature to A/B test flows or flow versions.

    2. (Optional) Click Add IP Whitelist, then enter one or more IP addresses in the Whitelist IP field.

      If a request comes from an IP address on the allow list, the weight is ignored, and the specified flow is triggered.

    3. (Optional) In the Analytics - Select Success Nodes list, select one or more nodes that, when run, indicate that the flow run was successful.

    This information is used to calculate the flow policy’s success rate.

  10. Click Create Flow Policy.

  11. Click the General tab, then click Apply.