Is there a way to integrate PingFederate with Microsoft Azure for MFA?

uobie 1 Reputation point
2022-11-29T17:44:09.26+00:00

I have the following problem which I'm trying to solve:

When an end user submits an HTTP/HTTPS request for an application then the end user gets routed to PingFederate for basic authentication. However, If the application being requires multi-factor authentication is it possible to integrate PingFederate with MS Azure so that MS Azure can MFA challenge the end user and send the result of that MFA challenge back to PingFederate? If so, what are the different options to setup this type of integration or rather what type of integration would be the best approach? Your feedback would be greatly appreciated.

Thanks,

  • IT Security Consultant
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,522 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Akshay-MSFT 17,651 Reputation points Microsoft Employee
    2022-12-01T06:20:32.98+00:00

    Hello @uobie ,

    We could integrate PingFederate with Microsoft Azure and trigger MFA conditional access. Kindly follow steps https://docs.pingidentity.com/bundle/pingid/page/pao1564020452688.html for configuration and video reference. The workflow would be as follows:

    • The user attempts to login to an application using their credentials. Their credentials are validated against Azure Active Directory.
    • Azure evaluates the Conditional Access Policy, which indicates that a PingID custom control is protecting the application.
    • Azure redirects the user to the PingID service to perform multi-factor authentication.
    • PingID performs multi-factor authentication using the configured authentication method (e.g., Swipe, Mobile App Biometrics, YubiKey, etc.). Once the user has successfully authenticated, PingID returns a response to Azure indicating a successful completion of multi-factor authentication for that user.
    • Once all the Conditional Access Policy conditions are evaluated and complete, Azure authorizes the user's access to the target application.

    265995-image.png

    Please do let me know if you have any further queries in the comments section.

    Thanks,
    Akshay Kaushik

    Please "Accept the answer", "Upvote" and rate your experience if the suggestion works as per your business need. This will help us and others in the community as well.

    2 people found this answer helpful.