I primarily use the platform for OAuth and SAML-enabled applications, especially third-party and SaaS applications. I utilize the SAML protocol for those that support SAML, while for OAuth-supporting applications, I use OAuth, OIDC, and OpenID tokens. Additionally, for server-to-server communication, I employ the client credentials grant. For mobile-based native applications that require refresh tokens, I utilize those as well. I manage OAuth client ID registrations for certain SaaS applications and implement various authorization flows, such as Kerberos authentication for intranet requests and form-based authentication for external network requests. Furthermore, I have integrated Multi-Factor Authentication (MFA) to enhance the security of critical applications.
Sr IAM Consultant at a healthcare company with 10,001+ employees
Provides effective biometric authentication methods and has good technical support services
Pros and Cons
- "From a security perspective, I highly value the product's biometric authentication methods such as FIDO, FaceID, YubiKey, and the mobile app."
- "There is room for improvement in the solution, particularly in security."
What is our primary use case?
What is most valuable?
From a security perspective, I highly value the product's biometric authentication methods such as FIDO, FaceID, YubiKey, and the mobile app. These methods provide a higher security level than email authentication, which can be compromised if the email is breached.
What needs improvement?
There is room for improvement in the solution, particularly in security. With the increase in phishing attacks, organizations are moving towards passwordless authentication, which is the best approach.
It involves checking certificate authentication or other methods instead of relying on user-entered passwords. This is where Multi-Factor Authentication becomes crucial.
For how long have I used the solution?
I have been using Ping Identity Platform for almost 13 to 14 years.
Buyer's Guide
Ping Identity Platform
December 2024
Learn what your peers think about Ping Identity Platform. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
What do I think about the stability of the solution?
The product is stable overall, with most issues arising from integration with other systems like Splunk. Weekly restarts help maintain stability and minimize the risk of crashes due to system connections.
What do I think about the scalability of the solution?
The solution has supported varying numbers of users across different organizations, ranging from 65,000 to 70,000 users in my current environment to handling millions of requests per hour in previous organizations.
Scalability can present challenges, depending on what needs to be scaled. For example, adding servers is straightforward, but care must be taken to avoid disrupting existing environments during integration. Increasing memory or heap size is seamless, and I can restart one server at a time without any issues.
How are customer service and support?
The customer support team is quite responsive and knowledgeable. Whenever I encounter any issues or require assistance, they quickly provide solutions.
How would you rate customer service and support?
Positive
How was the initial setup?
The setup is generally straightforward, but it can depend on the environment. For example, in a previous organization, two companies merged, each with its own Active Directory and identity management instances. I had to build a new environment to match both the SSO-enabled applications. Although the process was straightforward, it depended highly on the organization’s architecture and requirements.
The deployment timeline depends on the availability of the application team. I aim to make SSO seamless between environments, avoiding multiple authentication logins for end users. Typically, the implementation takes about a month, considering network ACLs and other configurations. However, migrating applications can be challenging and may take months. My last project took almost one and a half to two years to complete the migration process.
What's my experience with pricing, setup cost, and licensing?
The platform's value justifies the pricing, especially considering its security features and scalability. While it might seem a bit higher, the return on investment regarding security and efficiency is well worth it. The pricing is appropriate for the level of service and capabilities the platform delivers.
Which other solutions did I evaluate?
I have evaluated other solutions in the past, but I found this platform to be the most comprehensive regarding security, scalability, and ease of integration. Its strong support for various authentication protocols like OAuth, SAML, and MFA, along with its robust disaster recovery capabilities and adaptive clustering model, made it the ideal choice for our organization's needs.
What other advice do I have?
I use Ping Identity Platform as the Multi-Factor Authentication solution. Once the first level of authentication is completed with a user ID, password, or card authentication, the request is directed to PingID. I have configured profiles that allow the use of devices like the mobile Ping app. I also use email in some scenarios, although I prefer FIDO authentication methods like YubiKey or FaceID for enhanced security.
I have integrated the platform into all environments using an adaptive clustering model that operates in an active-active configuration. Two regions are active-active, while the third serves as a passive disaster recovery region. When integrating new applications, I follow a structured process, beginning with intake forms to determine whether OAuth or SAML is required, depending on whether the application is accessing internal or external systems. ServiceNow tickets are used for configuration. This adaptive clustering ensures that the requests are automatically routed to the disaster recovery center if two data centers are down.
It includes a centralized tool where users can create their OAuth client IDs. However, I do not recommend this practice as it can lead to unnecessary client IDs and access tokens, increasing system load. Instead, I have developed a controlled process where users can request what they need, and the request is then sent to me for approval. This approach ensures that the process is managed effectively.
Overall, my experience with the solution has been very positive. It has played a crucial role in enhancing the security and efficiency of our access management processes. While there are always areas for improvement, particularly in terms of scalability and phishing resistance, it has consistently met our expectations. I would highly recommend it to organizations looking for a reliable and secure access management solution.
I rate it an eight.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Aug 19, 2024
Flag as inappropriateLevel 3 it security engineer at a manufacturing company with 5,001-10,000 employees
Offers good support and multifactor authentication
Pros and Cons
- "The mobile biometric authentication option improved user experience. It's always about security because, with two-factor authentication, it's always a separate device verifying the actual user logging in."
- "The management console needs to be improved. PingID should revise it."
What is our primary use case?
I've been managing it in my company. I am more on the implementation side.
How has it helped my organization?
We implement the MFA feature, multifactor authentication and administrate the application.
When it comes to authentication, the focus is always on security. That means using a separate device to verify the user logging in.
On the security side, PingID adds an extra layer, contributing about 20% of the overall security. Then, authentication brings more advanced features and contributes further.
PingID excels in managing user access and profiles. That's where it integrates most deeply with the existing systems.
What is most valuable?
The most valuable feature is the two-factor authentication (2FA).
The mobile biometric authentication option improved user experience. It's always about security because, with two-factor authentication, it's always a separate device verifying the actual user logging in.
What needs improvement?
The management console needs to be improved. PingID should revise it.
For how long have I used the solution?
I have been using it for a year.
What do I think about the stability of the solution?
I would rate the stability an eight out of ten because there had been some issues.
What do I think about the scalability of the solution?
I would rate the scalability a seven out of ten. PingID is adapting to most challenges.
We have small and medium businesses as our customers.
How are customer service and support?
We get support. The support engineers are good. They are quite proactive.
How would you rate customer service and support?
Positive
How was the initial setup?
I would rate my experience with the initial setup a seven out of ten, with ten being easy to set up.
The initial setup is not too complex. Deployment is really quick and typically the entire process takes two hours.
What's my experience with pricing, setup cost, and licensing?
The pricing is neither too expensive nor too cheap.
What other advice do I have?
Overall, I would rate the solution an eight out of ten because there is room for improvement in terms of usability.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
Buyer's Guide
Ping Identity Platform
December 2024
Learn what your peers think about Ping Identity Platform. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
Senior Staff Technical Program Manager at a manufacturing company with 10,001+ employees
A robust cloud-based multi-factor solution with a good customer support team
Pros and Cons
- "It is a scalable solution...It is a stable solution."
- "In the beginning, the initial setup was very complex."
What is our primary use case?
From a user perspective, if you need to get into our VPN or virtual private network, which is for remote people, there is protected data behind a vault.
And if you need access to the vault, you must use a multi-factor and PingID. Additionally, vicariously, people have to use multi-factor to get into applications. The final aim is to get into laptops and desktops, and you have to use Multi-factor to restart or unlock your PC. You have to use multi-factor. The way that we do multi-factor here is we give the users a choice of using a phone or a Ubiquiti as to something they have.
So after they type in their password and username, they're prompted for a device that they have registered, and they have their choice of a phone or a Ubiquiti, or both.
How has it helped my organization?
I wonder if there are multi factors in improving. It's always a deterrent to productivity, naturally. Since I've been on this journey for three years, I've seen the product improve in the sense that it's less impact on productivity. In the beginning days, we had challenges with paying, finding the network, and signing its back-end service in the cloud. However, that's been drastically improved over the years.
The other thing we did was allow users to manage their device profiles. So they can either go in and register on Ubiquiti or a phone directly with the user interface now or web interface, and they can also set their default device which they want to use. So they, like Ubiqui working with PingID, tend to be the default of choice. So they set their Ubiquiti to the default device. And then whenever MFA is prompted, they have the Ubiquiti or default device. So that was a great improvement. And the way we implemented PingID, it's the same user interface regardless if you're getting into VPN, the vault applications, or a laptop or desktop.
So it's the same user interface to manage profiles centrally on a server. Hence if they change it for one use case, they change it for another.
What is most valuable?
It's the device management portal where users can manage it themselves. So before that, they'd have to call IT support to rearrange their default device in the profile, but now they can do it themselves.
What needs improvement?
PingID is feature rich. We've prototyped some of their step-up authentications. In certain circumstances, like geofencing, they can waive the MFA requirement because they're in a trusted area that's physically secured. We've prototyped that but have not rolled anything like that out. So, the aforementioned details can be considered for future improvements and changes in the product.
For how long have I used the solution?
I have been using the solution for over three years.
What do I think about the stability of the solution?
It is a stable solution.
What do I think about the scalability of the solution?
It is a scalable solution. I've never really had problems where it's going down in one region. Well, even if it does, I don't notice it because the failover is working. 43,000 users are using the solution.
I would say the scalability is an eight or a nine.
How are customer service and support?
The technical support team is good. We have some enhancement requests for them, and I think our people have a weekly call with them where they bring things up. They notify us of security vulnerabilities.
How was the initial setup?
In the beginning, the initial setup was very complex. We had to ensure it was always available so there was a fail over. We had to have a mirror environment. It was complex in the early days three years ago, but it's matured quite a bit over the past three years. The solution is deployed on the cloud.
What was our ROI?
I see an ROI. It's not a revenue generator. So it's purely from a cost perspective, but on the other hand, because we protect so much of our data now through multi-factor, I don't know the statistics of how many times we've been hacked or passwords were stolen. But because we have done that, we've probably saved ourselves a lot of money in reputational damage in breach recovering from breaches.
What other advice do I have?
On the technology stack we're currently using, we're exploring other technologies based on our platform and it includes many of our products. But we may explore other technologies to make it more seamless. But PingID is going to stay. We want to use something like biometrics to make it easier for shop floor workers. But if anything, I need an expansion of PingID.
It's a good, stable product, and they've served our needs very well. They've been very responsive, and the product is scalable. It's pretty robust. The desktop is customized to what we do here at GE, but they work a bit with us on it. So it's an excellent product.
I rate the overall solution a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Associate General Manager at a tech services company with 10,001+ employees
Used to protect the application and enable the single sign-on
Pros and Cons
- "Setting up the infrastructure with Ping Identity Platform is very easy compared to other IAM products."
- "PingAccess can only have one token provider, and you cannot enable two different token providers simultaneously."
What is our primary use case?
I use the solution to protect the application and enable the single sign-on.
What is most valuable?
Setting up the infrastructure with Ping Identity Platform is very easy compared to other IAM products. You just have to unzip the folder, and your Ping infrastructure is ready. With very limited changes, you can prepare your infrastructure with Ping Identity Platform.
What needs improvement?
PingAccess can only have one token provider, and you cannot enable two different token providers simultaneously. Nowadays, people are migrating from on-premises to the cloud and may want to run the on-premises and cloud versions simultaneously. In other words, they may want to enable two token providers at the same time. That feature is not available in PingAccess.
PingFederate has limitations with cookie size, and it does not support larger cookie sizes. We also have some concerns about the cookie size.
For how long have I used the solution?
I have been using Ping Identity Platform for five years.
What do I think about the stability of the solution?
Ping Identity Platform is a stable solution.
How are customer service and support?
We had a good experience with the solution's technical support team.
How was the initial setup?
It is very easy to set up the infrastructure with Ping Identity Platform compared to other on-premises solutions.
What other advice do I have?
I would recommend the solution to other users. Compared to other IAM products, Ping Identity Platform is a stable and easy-to-maintain product with many features that can be enabled. It is easy for a beginner to learn to use the solution if he has a basic understanding of technical skills and networking.
Overall, I rate the solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Jun 30, 2024
Flag as inappropriateCyberSecurity Executive IAM Engineer at Tata Consultancy
A stable solution with good customer support
Pros and Cons
- "We use the product to run different reports."
- "We have encountered instances where it is not easy to do authentication."
What is our primary use case?
We use the product to run different reports.
What needs improvement?
We have encountered instances where it is not easy to do authentication.
For how long have I used the solution?
I have been using the product for two years.
What do I think about the stability of the solution?
I would rate the tool's stability a ten out of ten.
What do I think about the scalability of the solution?
My company has 1000 users for the product.
How are customer service and support?
My experience with the support team is good.
How was the initial setup?
The product's setup is easy if you have all the information and support.
What other advice do I have?
I would rate the product a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Global Lead, Developer Relations at Popout, Inc.
Provides SSO integration at a competitive pricing
Pros and Cons
- "The only feature we were looking for in PingID was SSO integration with our existing web app."
- "PingID should put a little more effort into making a pretty self-explanatory deck about their tech features and the services they offer."
What is most valuable?
The only feature we were looking for in PingID was SSO integration with our existing web app. However, they have good support towards MFAs, SSO, and other authentication methods that are either already included in the current plan or made available with a minor upgrade.
What needs improvement?
PingID should put a little more effort into making a pretty self-explanatory deck about their tech features and the services they offer. I suggested this improvement directly to the sales manager, who was friendly enough to take that feedback.
What do I think about the scalability of the solution?
PingID is a reputed solution. I was already aware of PingID because we used PingID as a solution for all our login functionalities in my previous company. When I had an opportunity to add these capabilities to my new organization, PingID was one of my first choices. It's not because I'm biased but because I already knew the solution was scalable.
How are customer service and support?
The solution architect and the sales managers gave the initial support. PingID's support portal is confusing, and it took a couple of back-and-forths to get some support from the support folks. However, the account manager did help us with the support questions by putting us in touch directly with some of the engineers. I rate PingID an eight and a half out of ten for customer support.
How would you rate customer service and support?
Positive
How was the initial setup?
PingID’s initial setup was pretty straightforward.
What about the implementation team?
The initial deployment with POC took about a month, and the actual production deployment took about a couple of weeks, maybe around four weeks or so. About four engineers, including a tech architect, were involved in the solution's deployment.
What's my experience with pricing, setup cost, and licensing?
PingID's pricing is pretty competitive.
What other advice do I have?
PingID's team was pretty good. We were trying to build a solution and wanted to deploy it for only a couple of hundreds of customers. We didn't want to sign up for a 1,500 or 5,000 feet plan. PingID was pretty understanding about our needs and provided us with great plans for the smallest fee they could provide. We had good negotiations with them, and they were pretty friendly. PingID provided all the required technical support even before we signed up. The sales manager ensured he supported me throughout the process, and we signed a deal with PingID.
Overall, I rate PingID an eight and a half out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Stable, popular with customers, and has a good mobile application
Pros and Cons
- "It's pretty stable as a product."
- "The timing of the token validity, if it could be extended, would be great. I'm not sure if there is even an option to configure these types of settings."
What is our primary use case?
We have integrated PingID with different applications. Mainly the internet-facing applications.
What is most valuable?
PingID is very good.
It's pretty stable as a product.
We've never faced any issues, at least with the data applications integration.
The customers really like it.
The mobile application is very good.
What needs improvement?
Many times when we are authenticating, we'd like the freedom to set the time. Maybe it needs to be slightly longer. I understand that this is work based on the token exchange and so on. The timing of the token validity, if it could be extended, would be great. I'm not sure if there is even an option to configure these types of settings.
Before we can authenticate it, it ends up in an error. And then we'll have to create everything all over again, in terms of launching the application.
I'm not sure if the experience on the desktop is good or not. I've heard some feedback that it's not that good. It's better to use it on mobile. Perhaps the user experience on the desktop Ping application could be improved. I haven't used it personally. I just heard from my colleagues about some experience with that.
For how long have I used the solution?
I have probably been working with the solution for about two years or so.
What do I think about the stability of the solution?
The stability is very good. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.
What do I think about the scalability of the solution?
Almost everyone is working on the solution. It's used company-wide. All these people consume this application, however, it's really a central team who does the provisioning of the services to the entire organization.
How are customer service and technical support?
I've never reached out for technical support due to the fact that we have an internal team here in Germany. They are providing this as a service to the other regions a well. We haven't needed the assistance of the product's technical support.
Which solution did I use previously and why did I switch?
We also use Symantec SiteMinder. We are using both, however, we will completely switch to PingID in the future.
How was the initial setup?
I can't speak to the initial setup process. In terms of maintenance, the number of people needed depends on the central team's capability or capacity.
What's my experience with pricing, setup cost, and licensing?
We don't directly deal with the licenses. It's basically purchased by the central team and we are just consuming it through the common APIs. I really couldn't comment on the pricing at the moment.
Which other solutions did I evaluate?
We are considering switching to other products. Therefore, we're looking to evaluate other options. We are looking to have a seamless single sign-on and federated authentication.
What other advice do I have?
We are a customer and an end-user.
Currently, the solution fulfills the use cases that we currently have. That's pretty much it. I'm not sure about the configuration or on the infrastructure side. Maybe the team who does this infrastructure setup would have better insights. However, overall, it's a pretty seamless experience, I would say.
I'd rate the solution at an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Structural Engineer II at a manufacturing company with 10,001+ employees
Provides authentication through OIDC and SAML but needs improvement in UI
Pros and Cons
- "The product's most valuable features include its cloud-based capabilities for handling cloud applications and providing authentication and authorization through OIDC and SAML. It also supports integrations needed for both local and internal applications, including legacy applications requiring web server access."
- "Ping Identity Platform must improve its UI since its management console is complicated."
What is most valuable?
The product's most valuable features include its cloud-based capabilities for handling cloud applications and providing authentication and authorization through OIDC and SAML. It also supports integrations needed for both local and internal applications, including legacy applications requiring web server access.
What needs improvement?
Ping Identity Platform must improve its UI since its management console is complicated.
What do I think about the stability of the solution?
In my experience with basic projects, I haven't encountered downtime. However, there have been instances where some application integrations faced challenges that needed resolution. Server issues or downtime haven't been significant. Overall, I would rate it as stable.
How are customer service and support?
I have opened a case, and the tech support responded quickly. I google the issues.
How would you rate customer service and support?
Neutral
What other advice do I have?
I rate the overall product a seven out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Jun 17, 2024
Flag as inappropriateBuyer's Guide
Download our free Ping Identity Platform Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Authentication Systems Single Sign-On (SSO) Data Governance Identity and Access Management as a Service (IDaaS) (IAMaaS) Access Management Customer Identity and Access Management (CIAM) Directory ServersPopular Comparisons
Microsoft Entra ID
Okta Workforce Identity
Fortinet FortiAuthenticator
Cisco Duo
Yubico YubiKey
RSA SecurID
CyberArk Identity
Symantec VIP Access Manager
Entrust Identity Enterprise
Nok Nok Labs
Buyer's Guide
Download our free Ping Identity Platform Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- I'm building a next-gen AI powered threat intelligence platform. What's missing from existing solutions?
- OpenIAM vs Ping identity
- Which IDaaS solution do you prefer and why?
- When evaluating Authentication Systems, what aspect do you think is the most important to look for?
- Why is Authentication Systems important for companies?
- Which front-end product for authorization and authentication into an Apache Web Server application, PIXIA, would you recommend?
- What is the difference between SPML and SAML?
- How would you compare Cisco Duo Security with other Authentication Systems products?
- What is CAPTCHA and how does it work? How can you use it for Artificial Intelligence (AI)?
- What are some alternatives for UserLock?