PingOne Platform APIs

PingOne Protect SDK for Web

PingOne Signals (Protect) SDK for Web

Version of the Signals SDK to use

When using the PingFederate Authentication API, use the version of the Signals SDK that supports the Risk/Protect Integration Kit that you installed in PingFederate:

  • For all versions of the PingOne Protect Integration Kit, use version 5.2.10 or later of the PingOne Signals SDK.

  • For PingOne Risk Integration Kit 1.3.1, use version 5.2.10 or later of the PingOne Signals SDK.

  • For PingOne Risk Integration Kit 1.3, use version 5.0.3 of the PingOne Signals SDK.

When integrating through the PingOne API, always use the latest version of the PingOne Signals SDK

Main steps

Using the web SDK involves the following steps:

  • Importing the necessary script

  • Initializing the SDK

  • Getting the data for risk assessment

Importing the script

Import the required script by including the following code segment in each relevant page.

Update the path to match the version of the PingOne Signals SDK that you are using. Currently the latest version is 5.6.0.

 
<script
        src="https://apps.pingone.com/signals/web-sdk/5.6.0/signals-sdk.js"
        defer>
</script>

Initializing the SDK

Initialize the SDK by adding a listener for the PingOneSignalsReadyEvent event:

function onPingOneSignalsReady(callback) {
    if (window['_pingOneSignalsReady']) {
        callback();
    } else {
        document.addEventListener('PingOneSignalsReadyEvent', callback);
    }
}

Then, if you are using version 5.0.3 or earlier of the Signals SDK, use this code:

onPingOneSignalsReady(function () {
    _pingOneSignals.initSilent({
        envId : <envId>
    }).then(function () {
        console.log("PingOne Signals initialized successfully");
    }).catch(function (e) {
        console.error("SDK Init failed", e);
    });
});

The code above contains the String placeholder <envId>. Replace this with the ID of your PingOne environment.

If you are using version 5.2.1 or later of the Signals SDK, use this code:

onPingOneSignalsReady(function () {
    _pingOneSignals.init({
        // If you are using the PingFed authentication API and version 1.3 of the Integration Kit, uncomment the following line to turn off the collection of behavioral data
        // behavioralDataCollection: false
    }).then(function () {
        console.log("PingOne Signals initialized successfully");
    }).catch(function (e) {
        console.error("SDK Init failed", e);
    });
});

If you are using version 5.3.7 or later of the Signals SDK, use this code:

The example shown here includes a number of options that you can turn on in the initialization code. Some of these, such as those for the PingID Device Trust agent, have equivalent UI elements in Ping Federate and PingOne DaVinci that can be used to enable the options. If you use these UI elements, there is no need to include the options in the SDK initialization code.

 
onPingOneSignalsReady(function () {
    _pingOneSignals.init({
        // If you are using the PingFed authentication API and version 1.3 of the PingOne Risk Integration Kit, uncomment the following line to turn off the collection of behavioral data
        // behavioralDataCollection: false,
        // By default, the SDK creates a "tags" array containing the URLs visited and the time of the visit. Uncomment the following line to disable the collection of this data
        // disableTags: true,
        // Set universalDeviceIdentification to true if you want the device data in the SDK payload to be provided as a signed JWT
        // universalDeviceIdentification: true,
        // Set htmlGeoLocation to true if you want the SDK payload to include browser-based user location data if the user has provided their consent
        // htmlGeoLocation: true,
        // Set agentIdentification to true if you are using risk policies that contain the PingID Device Trust predictor
        // agentIdentification: true,
        // If you have set agentIdentification to true, use agentTimeout to specify the timeout the trust agent should use if you don't want to use the default timeout setting. Can be between 200 and 10,000 milliseconds.
        // agentTimeout: 5000,
        // If you have set agentIdentification to true, use agentPort to specify the port to use when connecting to the trust agent if you don't want to use the default port (9400)
        // agentPort: 8800
        //
    }).then(function () {
        console.log("PingOne Signals initialized successfully");
    }).catch(function (e) {
        console.error("SDK Init failed", e);
    });
});

Getting the data for risk assessment

Get the data for risk assessment by adding a call to the SDK’s getData method, for example:

_pingOneSignals.getData()
   .then(function (result) {
       console.log("get data completed: " + result)
   }).catch(function (e) {
       console.error('getData Error!', e);
});