ThreatMetrix Integration Kit
The ThreatMetrix Integration Kit allows PingFederate to communicate with ThreatMetrix for risk-based authentication.
By sending a device profile (and, optionally, user attributes) to ThreatMetrix when a user signs on, PingFederate can get a security risk assessment for the sign-on event. You can use this assessment to adjust authentication requirements dynamically each time a user signs on. For example, by configuring policies in PingFederate and ThreatMetrix, you could require multi-factor authentication (MFA) when a user signs on with a new device.
Features
-
Supports ThreatMetrix’s Web and SDK device profiling scripts. You can find more information in Introduction to Profiling (requires sign-on) in the ThreatMetrix documentation.
-
Supports device profiling in any browser-based authentication source or web application. Learn more in Device profiling methods.
-
Supports the PingFederate authentication API.
-
Supports the JavaScript Widget for the PingFederate Authentication API.
Components
- Template and script files
-
-
When a user signs on through PingFederate, these files create the device profile and send it to ThreatMetrix. There are several files to accommodate a variety of device profiling methods.
-
- ThreatMetrix IdP Adapter
-
-
When a user signs on through PingFederate, the adapter sends the user attributes to ThreatMetrix.
-
The adapter receives the result of the risk assessment as well as other attributes and sign-on event data. The adapter makes this information available in the PingFederate authentication policy.
-
Intended audience
This document is intended for PingFederate administrators. If you need help during the setup process, see the following resources:
-
The following sections of the PingFederate documentation:
-
The following sections of the ThreatMetrix documentation:
-
Introduction to ThreatMetrix Platform (requires sign-on)
-
Architecture Overview (requires sign-on)
-
Implementation Resources (requires sign-on)
-
Implementation Steps (requires sign-on)
-