Visibility and control for all of your identities

Federated identity management is our solution for providing management, security and visibility for all of your identities. Whether you’re modernizing a directory server with PingDirectory, synchronizing identity data with PingSync, governing data access with PingDataGovernance, deploying identity services to our IDaaS product, the PingOne cloud, or integrating your user store with our on-premises federation server, PingFederate, you have complete control over where your users reside and what they can access as well as full visibility into which applications they’re using.


Both SaaS and traditional applications typically need to know about these identities as well, however, and that’s where provisioning comes into play. Many SaaS providers have proprietary mechanisms for user provisioning and deprovisioning, and we have advanced integrations that completely automate the creation of the correct accounts in the applications that users need. We also support the newest provisioning standard, SCIM, to provide identity synchronization for both internal and external applications through an open, interoperable system that promises to make user management even easier.

Manage your users on your terms


Successfully implementing federated identity management requires flexibility. Whether you need to integrate your existing directory for single sign-on and access security, migrate to a modern high-performance directory server, or leverage IDaaS as you move to the cloud, our directory capabilities provide answers.


The PingDirectory and data server is a secure, high-speed, scalable, modern directory server for broad use across employee, partner and customer identity use cases. It allows you to store structured and unstructured data, supports modern authentication and integration protocols and simplifies management to lower costs.


The PingOne cloud directory allows you to manage your users without an on-premises footprint, so you can cost effectively store customer and partner identities instead of maintaining them in your corporate directory. Full support for the SCIM protocol means you have complete access to standards-based APIs for managing these identities as well. These flexible options give you centralized control and visibility for all of your users—employees, partners and customers—all on your terms.

Identities for all your applications

Providing easy, secure access to both SaaS and internal applications is critical to user productivity and successful adoption. Users want simple, one-click access to all of their applications, but organizations need to have control and visibility while ensuring the highest levels of security. The manual methods used in the past to onboard and offboard users for applications simply doesn’t scale considering the number of users and applications, both internal and external, that are in use today.


To meet these needs, our federated identity management solution provides advanced provisioning capabilities in the PingOne cloud and the PingFederate server, enabling automated user management for both SaaS and internal applications. Powerful rules rely on group memberships or user attributes to determine which applications users should be provisioned to, and automatic deprovisioning occurs when a user account is disabled, completely removing access from the target applications. Whether the application is using a proprietary protocol or the new SCIM standard, our federated provisioning capabilities give you:

  • Streamlined user onboarding and offboarding.
  • Bi-directional account synchronization.
  • Support for proprietary and SCIM APIs.
  • Centralized visibility and control for access governance.