how it works

PingOne® is an identity-as-a-service (IDaaS) single sign-on (SSO) offering that enables enterprises to give their users federated access to any application with a single click from a secure, cloud-based dock, accessible from any browser or mobile device.


The PingOne platform makes it easy for administrators to connect to cloud applications via PingOne Application Catalog integrations or by leveraging identity standards such as SAML and OIDC. Further, options are available for PingOne to connect to various identity providers to authenticate users.


Identity bridges are also available to facilitate integration across hybrid IT infrastructures.


PingOne is architected to scale; some of our enterprise customers have connected nearly 2,000 applications to their PingOne accounts. With high availability and disaster recovery features, PingOne reliably delivers secure IDaaS solutions for the enterprise. 

Identity as a Service


  • Enjoy single sign-on to SaaS apps for users with a vendor-hosted, multi-tenant solution that reduces the need to set up and manage servers.
  • PingOne can also be combined with PingID to enable multi-factor authentication with centralized administration for both products in a cloud-based solution.


Easy Cloud App Connections


  • Administrators can quickly add custom applications via SAML or OIDC or pre-configured applications from the PingOne Application Catalog.
  • If federation already exists in the enterprise, apps can also be added to and bookmarked in the user dock for a seamless end-user experience.


Bridges Across Hybrid IT


  • Enterprises today are spread across on-premises and cloud infrastructure, and not every application is SaaS based.
  • PingOne offers a variety of bridges designed to reduce the pain of transitioning to the cloud.


Feature Benefit
Standards Support

Supports federated identity protocols to enable SSO to SaaS applications. Standards supported:

  • OIDC, SAML 2.0 and 1.1 for authentication.
  • SCIM 1.1 for automated inbound and outbound user provisioning
Federated Single Sign-on Offers standards-based, secure single sign-on. Supports dynamic user registration, centralized access control and just-in-time user provisioning. Integrates with existing identity investments and eliminates the need for multiple passwords.
PingFederate® Identity Bridge Bridges to PingFederate® to extend IDaaS for hybrid IT use cases.
Microsoft® Active Directory Integration Integrates with Active Directory via a small footprint agent that extends Active Directory identities to PingOne.
Identity Provider (IdP) Support Supports user identities from PingOne Directory, Active Directory, Google Apps, PingFederate and OpenID Connect providers.
Multi-factor Authentication (MFA) Integrates with PingID natively.
User Provisioning Enables you to add, delete or update users at once for all applications.
Provisioning Connectors Offers out-of-the-box integrations to connect to various applications and improve time to value.
Guided Deployment

Quick to deploy in two easy steps for 5-minute setup:

  • Select apps for your users from the thousands offered in our app catalog.
  • Invite users to access their apps.
End-user Portal Delivers one-click access to applications using the included, customizable portal or an existing portal.
Mobile Applications Provides single-click access on any device. Mobile apps available for iOS and Android.
Web-based Admin Console Centralizes administration of application configuration, user management and reporting.
Audit Reporting Aids analysis of security alerts by streaming audit logs to Splunk or other 3rd-party SIEM solutions.
High Availability / Disaster Recovery Globally distributed, load-balanced and secure, with SAS70 Type II compliant data centers. Network Operations Center monitors physical and digital performance and security 24/7/365.
Security Policies Protects transactions and data stored in PingOne with a strict set of security policies. Find more info on the Security Exhibit.

Related Resources