Compatibility
Supported server versions
The Ping (ForgeRock) Login Widget supports the following server versions:
-
PingOne Advanced Identity Cloud
-
PingAM 6.5, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 8.0, and later
Supported operating systems and browsers
Minimum supported Desktop browser versions
-
Chrome 83
-
Firefox 77
-
Safari 13
-
Microsoft Edge 83 (Chromium)
Supported Mobile browsers
-
iOS (Safari) - Two most recent major versions of the operating system.
-
Android (Chrome) - Two most recent major versions of the operating system.
JavaScript Compatibility with WebViews
A WebView allows you to embed a web browser into your native Android or iOS application to display HTML pages, and run JavaScript apps.
For example, the Android system WebView is based on the Google Chrome engine, and the iOS WebView is based on the Safari browser engine.
However, it is important to note that WebViews do not implement the full feature set of their respective browsers. For example, some of the browser-provided APIs that the Ping (ForgeRock) Login Widget requires are not available in a WebView, such as the WebAuthn APIs.
In addition, there are concerns that a WebView does not provide the same level of security as their full browser counterparts.
As the Ping (ForgeRock) Login Widget requires full, spec-compliant, browser-supplied APIs for full functionality we do not support usage within a WebView.
We also do not support or test usage with any wrappers around WebViews.
Whilst you might be able to implement simple use-cases using the Ping (ForgeRock) Login Widget within a WebView, we recommend that you use an alternative such as opening a full browser, or using an in-app instance of a full browser such as Custom Tabs for Android or SFSafariViewController for iOS.
Supported authentication journey callbacks
The Ping (ForgeRock) Login Widget support the following authentication journey callbacks when using the following servers:
-
PingOne Advanced Identity Cloud
-
PingAM
| Callback name | Callback description | Supported? |
|---|---|---|
SDK 2.1 |
Collects true or false. |
✅ |
|
Collects single user input from available choices, retrieves selected choice from user interaction. |
✅ |
|
Retrieve a selected option from a list of options. |
✅ |
SDK 2.0 |
Prompts the user to consent to share their profile data. |
❌ |
|
Cryptographically bind a mobile device to a user account. |
❌ |
SDK 2.0 |
Collects meta and/or location data about the authenticating device. |
✅ |
|
Verify ownership of a bound device by signing a challenge. |
❌ |
|
Returns form values that are not visually rendered to the end user. |
✅ |
|
Provides the information required for connecting to an identity provider (IdP) for social sign-on. |
✅ |
|
Collects knowledge-based answers. For example, the name of your first pet. |
✅ |
|
Injects key-value metadata into the authentication process. For example, the WebAuthn nodes use this callback to return the data the SDK requires to perform authentication and registration. |
✅ |
|
Collects a username. |
✅ |
SDK 2.1 |
Collects a number. |
✅ |
|
Collects a password or one-time pass code. |
✅ |
SDK 4.4 |
Collects captured contextual data from the client to perform risk evaluations. |
✅ |
SDK 4.4 |
Instructs the client to start capturing contextual data for risk evaluations |
✅ |
|
Instructs the client to wait for the given period and resubmit the request. |
✅ |
|
Provides data required to use a CAPTCHA in your apps. |
✅ |
|
Provides data required to use reCAPTCHA Enterprise in your apps. |
✅ SDK 4.6 |
|
Redirects the user’s browser or user-agent. |
✅ |
|
Provides a list of identity providers (IdPs) users can choose from to perform social sign-on. |
✅ |
SDK 2.0 |
Collects the values of attributes for use elsewhere in a tree. |
✅ |
SDK 2.1 |
Pause and resume authentication, sometimes known as "magic links". |
✅ |
SDK 2.0 |
Collects a user’s acceptance of the configured Terms & Conditions. |
✅ |
|
Collects text input from the end user. For example, a nickname for their account. |
✅ SDK 3.4 |
|
Provides a message to be displayed to a user with a given message type. |
✅ |
( |
Some nodes use the In this case the |
✅ |
SDK 2.0 |
Collects a password value with optional password policy validation. |
✅ |
SDK 2.0 |
Collects a username value with optional username policy validation. |
✅ |
Show the nodes that might return each callback
The table below lists the nodes that might return supported callbacks.
The actual callbacks a node returns depends on its configuration. It might not return all the callbacks listed in this table.
| Callback | Auth nodes that might return callback |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Show the callbacks each node might return
The table below lists the supported callbacks that a node might return.
The actual callbacks a node returns depends on its configuration. It might not return all the callbacks listed in this table.
Auth node |
Callbacks the node might return |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(1) The WebAuthn Authentication node and the WebAuthn Registration node both use a MetaDataCallback when the Return challenge as JavaScript is NOT enabled.
The Ping (ForgeRock) Login Widget handles either the MetaDataCallback or the JavaScript-based payload.