Automation for Ping Identity
Updated Jul. 19 2021

As seen in recent high-profile breaches, machine identities can be compromised and used to provide unauthorized access to wide range of enterprise application. Essentially a lack of Machine Identity Management provides the keys of the kingdoms to attackers. This Development Fund project by IAM experts, IDMWORKS, plans to address this challenge by automating Machine Identity Management for Ping Identity.
Solution Overview

Ping Identity provides modern authentication capabilities to organizations solving critical application needs.  Machine identities, specifically X.509 digital certificates, are used throughout the Ping infrastructure to secure administrator and user access, and most importantly to authenticate access tokens.  However, there is no easy mechanism for monitoring, requesting, and automating the lifecycle of these machine identities.  In the event these fail and/or are not maintained, this can cause application access issues and outages. Additionally, and as seen in recent high-profile breaches, machine identities can be compromised and used to provide unauthorized access to wide range of enterprise application. To address Machine Identity Management challenges, a single client with appropriate runtime options will be developed that can discover, request, and implement install certificates within the Ping Identity components.  This will help with having a central utility for the complete management of the Ping Identity environment and allow for expansion of capabilities as more Ping Identity components are added.