Integrating Flows into Applications
After you create a flow, integrate it into a user-facing application. Integrating a flow into an application lets your users launch the flow from that application.
You can integrate a flow in different ways. Each method launches the flow in a different way. Choose an integration method based on the type of flow that you want to launch and the desired user experience.
The following methods can be used to launch a flow:
-
A redirect through PingOne. This method uses a call to a PingOne application to launch a flow with a redirect. This method is effective for flows with UI components. You should use a redirect through PingOne if you want to launch the flow in a new application page that replaces the current page and if you want to use OpenID Connect (OIDC) or Security Assertion Markup Language (SAML) authentication.
-
A redirect through PingOne using DaVinci as an external identity provider (IdP). This method uses a call to a PingOne application to launch a flow with a redirect using an external IdP configuration. This method is effective for flows with UI components, but it’s not recommended unless you have already configured your environment for it. If you want to configure your environment to launch flows with a redirect through PingOne, use this procedure instead.
-
The widget. This method launches a flow inside of a widget on the current page. This method is effective for situations in which you do not want to redirect the user to a new URL.
-
An API call. This method launches a flow using an API call. This method is effective for flows without a UI component.
-
The SDK. This method launches a flow from an application that you develop using the DaVinci module for the Ping SDK for JavaScript, Ping SDK for iOS, or Ping SDK for Android. This method is appropriate if you want fine-grained control of a user’s mobile experience.
-
The PingFederate integration. This method uses the widget to launch a flow from an existing PingFederate deployment.
To switch between using flows for a PingOne redirect integration and an integration using the DaVinci widget, see Switching between PingOne and DaVinci widget integrations. |
Integration method comparison
Redirect | Widget | API | SDK | DaVinci Integration Kit for PingFederate (widget mode) | DaVinci Integration Kit for PingFederate (API mode) | |||
---|---|---|---|---|---|---|---|---|
Description |
Launches flow in new browser tab |
Launches flow within current browser tab |
Launches flow without UI components using API call |
Launches flow from native or web apps using the Ping SDKs from a PingOne application |
Launches flow within current browser tab |
Launches flow without UI components using API call |
||
Trigger |
PingOne Policy link |
Widget embedded in application |
API Call |
Launch from within SDK application |
PingFederate authentication policy initiates DaVinci Integration Kit adapter in widget-based flow mode |
PingFederate authentication policy initiates DaVinci Integration Kit adapter in API-based flow mode |
||
UX hosted by |
DaVinci |
Application that launched the flow |
None Launching application must handle UX |
Custom application built with the SDK |
PingFederate |
None DaVinci adapter in API-based flow mode does not present a UI |
||
HTML |
DaVinci using PingOne Forms or Custom HTML |
DaVinci with Custom HTML |
Launching application must handle UX |
DaVinci Integration Kit template |
||||
CSS |
DaVinci |
Host application |
Launching application must handle UX |
DaVinci Integration Kit template |
||||
User Experience |
User’s browser tab is redirected to DaVinci with refresh |
Flow is launched within the host application |
Flow is launched within the application |
Flow is launched within PingFederate |
||||
Modes |
Full screen |
Embedded in host application or modal |
Depends on launching application |
Embedded in DaVinci Integration Kit template |
||||
Developer experience for launching flows
|
No development skills needed Flow hosted in DaVinci |
Minimal development effort Flow is a component in existing application |
Significant development effort |
Significant development effort |
Minimal development effort
|
No development skills needed Flow result data is available in PingFederate authentication policy |
||
Time required |
Fastest |
Fast |
Slow |
Slow |
Fast (with existing PingFederate deployment) |
Fastest (with existing PingFederate deployment) |