PingID

Description

PingID is a multi-factor authentication (MFA) service from Ping Identity that adds an extra layer of security to user sign-ins. It is a cloud-based service that uses a mobile app and various methods like push notifications, one-time passcodes (OTPs) via SMS or email, and QR codes to verify user identities, making it more secure than just a password. This service is used for both workforce (employees, contractors) and customer identity management.

This plugin integrates PingID as an authentication method in DeepHunter.

Settings

CLIENT_ID

  • Type: string

  • Description: The Client ID provided by PingID for OAuth2 authentication.

  • Example:

CLIENT_ID = 'deephunter'

CLIENT_SECRET

  • Type: string

  • Description: The Client Secret provided by PingID for OAuth2 authentication.

  • Example:

CLIENT_SECRET = 'aB9cD3eF7gH1iJ2kL0mN4pQ6rS8tU5vWzYxZ3A7bC9dE2fG1hI0jsUQK3lM6nP9q'

SERVER_METADATA_URL

  • Type: string

  • Description: The Server Metadata URL for PingID.

  • Example:

SERVER_METADATA_URL = 'https://ping-sso.domains.com/.well-known/openid-configuration'

SCOPE

  • Type: string

  • Description: Scope parameters (separated by spaces) gathered as output to the authentication request.

  • Example:

SCOPE = 'openid groups profile email'

AUTH_TOKEN_MAPPING_USERNAME

  • Type: string

  • Description: Mapping of expected keys (left) vs token fields (right). It is recommended to use the debug return function of ./deephunter/views.py on line 55 to check the token values. Only modify values (right side), not the keys (left).

  • Example:

AUTH_TOKEN_MAPPING_USERNAME = 'sub'

AUTH_TOKEN_MAPPING_FIRST_NAME

  • Type: string

  • Description: Mapping of expected keys (left) vs token fields (right). It is recommended to use the debug return function of ./deephunter/views.py on line 55 to check the token values. Only modify values (right side), not the keys (left).

  • Example:

AUTH_TOKEN_MAPPING_FIRST_NAME = 'firstName',

AUTH_TOKEN_MAPPING_LAST_NAME

  • Type: string

  • Description: Mapping of expected keys (left) vs token fields (right). It is recommended to use the debug return function of ./deephunter/views.py on line 55 to check the token values. Only modify values (right side), not the keys (left).

  • Example:

AUTH_TOKEN_MAPPING_LAST_NAME = 'lastName'

AUTH_TOKEN_MAPPING_EMAIL

  • Type: string

  • Description: Mapping of expected keys (left) vs token fields (right). It is recommended to use the debug return function of ./deephunter/views.py on line 55 to check the token values. Only modify values (right side), not the keys (left).

  • Example:

AUTH_TOKEN_MAPPING_EMAIL = 'email'

AUTH_TOKEN_MAPPING_GROUPS

  • Type: string

  • Description: Mapping of expected keys (left) vs token fields (right). It is recommended to use the debug return function of ./deephunter/views.py on line 55 to check the token values. Only modify values (right side), not the keys (left).

  • Example:

AUTH_TOKEN_MAPPING_GROUPS = 'groups'

USER_GROUPS_MEMBERSHIP

  • Type: Dictionary

  • Description: This variable is used to map local groups with AD groups.

  • Example:

USER_GROUPS_MEMBERSHIP = {
        'viewer': 'deephunter_read',
        'manager': 'deephunter_write'
}