PingID MFA Access Requirements

Ping ID Identity Access Needs

Why do we need access to your PingID instance?

The Moveworks service interacts with your PingID instance to help employees associate their PingID with their mobile device so they can approve or reject authentication requests. Our services also help them create a bypass code to log in when their device is unavailable. Specifically, Moveworks takes the following actions in your PingID instance:

  • Retrieves user details from PingID based on their email addresses.
  • Creates PingID activation URLs for employees to reset the pairing between their existing PingID factor and set up a new factor.

Note: Configuring this access will only grant permissions to perform PingID MFA related operations and not any PingOne related operations.

  1. Log into Ping One Portal at
  2. On the top navigation bar, click on Setup and then select PingID and navigate to the Client Integration Section.
  3. To generate a new PingID properties file, click on + Generate and then click Save. Name this entry “Moveworks PingID Integration”. A new entry will be added to the Properties file list showing the new PingID Properties file.
    Note: if you have already generated three PingID Properties files, skip to the next step.
  4. In the Client Integration Section, you will need to download the file by clicking on Download under the Integrate with PingFederate and Other Clients sub section.
  5. Securely send your Moveworks Customer Success representative the properties file as shown below.