Certified: July 10th, 2022
Solution Summary
This section describes the ways in which Ping Identity PingFederate can integrate with RSA SecurID Access. Use this information to determine which use case and integration type your deployment will employ.
Use Cases
Internal Applications and/or Identity Management System - When integrated, users must authenticate with RSA SecurID Access in order to create sessions to internal applications and/or identity management system using adapters. Internal Applications and/or Identity Management System can be integrated with RSA SecurID Access using Authentication API, SSO Agent and Relying Party.
Bridge between RSA SecurID Access SAML IdP and Partner Service Providers - When integrated, users must authenticate with RSA SecurID Access in order to create sessions to partner Service Providers using authentication policy contracts. Bridge between RSA SecurID Access SAML IdP and Partner Service Providers can be integrated with RSA SecurID Access using SSO Agent and Relying Party.
Integration Types
SecurID Authentication API integrations can provide a rich user interface with all RSA SecurID Access features within the partner application. Refer to the Supported Features section in this guide see which features this partner application has implemented.
SSO Agent integrations use SAML 2.0 or HFED technologies to direct users’ web browsers to Cloud Authentication Service for authentication. SSO Agents also provide Single Sign-On using the RSA Application Portal.
Relying party integrations use SAML 2.0 to direct users’ web browsers to Cloud Authentication Service for authentication. Primary authentication is configurable, so relying party can be a good choice for adding additional authentication (only) to existing deployments.
Supported Features
This section shows all of the supported features by integration type and by RSA SecurID Access component. Use this information to determine which integration type and which RSA SecurID Access component your deployment will use. The next section contains the steps to integrate RSA SecurID Access with Ping Identity PingFederate for each integration type.
Ping Identity PingFederate Integration with RSA Cloud Authentication Service
| Authentication Methods |
Authentication API |
RADIUS |
Relying Party |
SSO Agent |
|---|---|---|---|---|
| RSA SecurID | - | - | ||
| LDAP Password | - | - | ||
| Authenticate Approve | - | - | ||
| Authenticate Tokencode | - | - | ||
| Device Biometrics | - | - | ||
| SMS Tokencode | - | - | ||
| Voice Tokencode | - | - | ||
| FIDO Token | n/a | n/a | ||
| Identity Assurance | - | - |
Ping Identity PingFederate Integration with RSA Authentication Manager
| Authentication Methods |
Authentication API | RADIUS | Authentication Agent |
|---|---|---|---|
| RSA SecurID | - | - | |
| On-Demand Authentication | - | - | |
| Risk-Based Authentication | n/a | - | - |
| Supported | |
| - | Not supported |
| n/t | Not yet tested or documented, but may be possible. |
Configuration Summary
The following links provide instructions on how to integrate Ping Identity PingFederate with RSA SecurID Access.
This document is not intended to suggest optimum installations or configurations. It assumes the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products in order to install the required components. All RSA SecurID Access and Ping Identity PingFederate components must be installed and working prior to the integration.
Integration Configuration
Use Case Configuration
- Internal Applications and/or Identity Management System
- Bridge between RSA SecurID Access SAML IdP and Partner Service Providers
Certification Details
Date of testing: July 10th, 2022
RSA Cloud Authentication Service
Ping Identity PingFederate 10
Known Issues
No known issues.
