Creating Credentials
Credential details will vary according to the industry and the specific credentials that the issuer wants to offer. For example, in addition to name and date of birth, an insurance company might want to provide the type of insurance, policy number, and expiry date. A bank might want to include the bank account number and date of issue, and a university might want to include the type of degree obtained.
Here are a few examples of credentials that can be issued through PingOne Credentials:
PingOne Credentials allows you to define the information that you want to collect from your customer and customize the look and feel of your credential.
An issuer creates a new claim type in the form of a custom credential template. A credential template defines the field attributes required to issue a claim, the fields displayed on the credential, and an identifying logo and relevant branding. The field values can be supplied by the issuer or be taken partly from the issuer and partly from the user, such as their selfie and verified first and last name.
Environment Setup and Creating Your Credential Types
The following steps assume that you have created a PingOne account, or have access to one. If you do not have one, feel free to create a trial account at pingidentity.com. The steps below take place inside an environment of your choosing in PingOne.
Pre-req: Create your Digital Wallet Application in PingOne
Applications
in PingOne and click the + to add a new appNative App (OpenID Connect)
, complete Name.Mobile
tab, you must enter the appropriate iOS Bundle ID
or Google Play Services Package Name
. You must also set Configure for Credentials Digital Wallet
to ON
.
After you have created a Digital Wallet, ensure that your Credential Type leverages the appropriate Digital Wallet application in your Credential Type editor.
PingOne Credentials
service to your PingOne Account.Credentials -> Management
service from the sidebar.+
icon.Name
that you select becomes the credentialType
set for that specific Credential
You can create as many credential types as you'd like and they are not checked for uniqueness.
The credential attributes must be pulled from PingOne Directory attributes, Issued Timestamp, or they can be static AlphaNumeric text. You can also change the attribute name if your credential type requires a different name than what is in PingOne Directory. You must also define Issuance Rules for this Credential Type (discussed more in the Issuing Credentials section)
Important: Do not forget to enable your credential type after creation (toggle on upper right hand side).