PingFederate® is a full-featured federation server that provides identity management, web single sign-on, and API security for customers, partners, and employees. Users can securely access the applications they require with a single identity using any device. PingFederate® supports all of the current identity standards including SAML, WS-Federation, WS-Trust, OAuth, and OpenID Connect.
Duo's two-factor authentication is now available for PingFederate SSO user logins.
This application communicates with Duo's service on TCP port 443. Firewall configurations that restrict outbound access to Duo's service with rules using destination IP addresses or IP address ranges aren't recommended, since these may change over time to maintain our service's high availability. If your organization requires IP-based rules, please review this Duo KB article.
The security of your Duo application is tied to the security of your secret key (skey). Secure it as you would any sensitive credential. Don't share it with unauthorized individuals or email it to anyone under any circumstances!
Download the Duo Security Integration Kit from PingFederate Server Integration Kits Downloads (Ping account login required).
Refer to Ping Identity's Duo Security Integration Kit Product Documentation for installation and configuration instructions. Follow the directions to deploy Duo in your PingFederate environment.
To update your installed Duo integration kit to a newer version you'll need to:
Download the most recent version of the Duo integration kit from PingFederate Server Integration Kits Downloads (Ping account login required).
Extract the contents of the downloaded ZIP file and copy those files to your Ping server(s), replacing the existing Duo kit files.
Restart PingFederate services.
See the Upgrade from a previous installation section in Ping's documentation for complete instructions. You'll need to update each server in your PingFederate cluster separately.