Skip navigation



Ping Identity has partnered with Duo Security to provide two-factor authentication for PingFederate® logins, complete with self-service enrollment and authentication prompt.

PingFederate® is a full-featured federation server that provides identity management, web single sign-on, and API security for customers, partners, and employees. Users can securely access the applications they require with a single identity using any device. PingFederate® supports all of the current identity standards including SAML, WS-Federation, WS-Trust, OAuth, and OpenID Connect.

Duo's two-factor authentication is now available for PingFederate SSO user logins.

First Steps

  1. Sign up for a Duo account.
  2. Log in to the Duo Admin Panel and navigate to Applications.
  3. Click Protect an Application and locate PingFederate in the applications list. Click Protect this Application to get your integration key, secret key, and API hostname. (See Getting Started for help.)

Connectivity Requirements

This integration communicates with Duo's service on TCP port 443. Also, we do not recommend locking down your firewall to individual IP addresses, since these may change over time to maintain our service's high availability.

Configure PingFederate

  1. Download the Duo Security Integration Kit from PingFederate Server Integration Kits Downloads.

  2. Refer to Ping Identity's Duo Security Integration Kit Product Documentation for installation and configuration instructions. Follow the directions to deploy Duo in your PingFederate environment.


Need some help? Try searching our Knowledge Base articles or Community discussions. For further assistance, contact Support.

Ready to Get Started?

Sign Up Free