> ## Documentation Index
> Fetch the complete documentation index at: https://docs.wirespeed.co/llms.txt
> Use this file to discover all available pages before exploring further.

# PingOne

> Ingest PingOne audit activities and risk evaluations into Wirespeed

<Info>
  This integration is currently in beta. PingOne audit activities and risk evaluations
  are ingested as informational events while we finalize more detailed mappings.
</Info>

## Prerequisites

Before connecting PingOne, make sure you have:

1. Access to the PingOne admin console for the environment you want to monitor
2. A PingOne worker application that can use the `client_credentials` grant
3. The PingOne environment ID for the environment you want Wirespeed to read
4. A license that includes PingOne Protect if you want to ingest risk evaluations
5. Roles assigned to the worker application that allow it to read audit activities and risk evaluation data

## Step 1: Create a Worker Application

1. Sign in to the PingOne admin console
2. Open the environment you want Wirespeed to monitor
3. Navigate to **Applications**
4. Create a new **Worker** application
5. Enable the `client_credentials` grant type
6. Ensure the **Token Endpoint Auth Method** is set to **Client Secret Basic** (this is the default)
7. Save the application

## Step 2: Assign the Required Access

1. Open the worker application you created
2. Assign the roles needed to read:
   * Audit activities for the environment
   * PingOne Protect risk evaluations for the environment
3. Save the role assignments

<Tip>
  If you are unsure which narrow roles to use, start with an environment-level admin role.
</Tip>

## Step 3: Collect the Connection Details

From the PingOne admin console, copy the following values:

* **Environment ID**
* **Client ID**
* **Client Secret**
* **Region** for the environment

Use one of these region codes in Wirespeed:

| Region         | Code | API Domain           | Auth Domain           |
| -------------- | ---- | -------------------- | --------------------- |
| North America  | `NA` | `api.pingone.com`    | `auth.pingone.com`    |
| Canada         | `CA` | `api.pingone.ca`     | `auth.pingone.ca`     |
| European Union | `EU` | `api.pingone.eu`     | `auth.pingone.eu`     |
| Australia      | `AU` | `api.pingone.com.au` | `auth.pingone.com.au` |
| Singapore      | `SG` | `api.pingone.sg`     | `auth.pingone.sg`     |
| Asia-Pacific   | `AP` | `api.pingone.asia`   | `auth.pingone.asia`   |

## Step 4: Add the Integration in Wirespeed

1. Log in to **Wirespeed**
2. Navigate to **Integrations** > **Add Integration**
3. Select **PingOne**
4. Enter the following:
   * **PingOne Region**: `NA`, `CA`, `EU`, `AU`, `SG`, or `AP`
   * **Environment ID**
   * **Client ID**
   * **Client Secret**
5. Click **Integrate**

Wirespeed will exchange your worker application credentials for an access token and
begin polling PingOne for new data.

<Tip>
  During setup, Wirespeed validates that the worker application can read audit
  activities for the selected environment. If that required check fails, the
  integration will not enable. PingOne Protect access remains optional: if risk
  evaluations are unavailable, the integration still enables and continues
  collecting audit activities.
</Tip>

## What Wirespeed Collects

Wirespeed currently ingests the following from PingOne:

* Audit activities from the PingOne audit reporting APIs
* Risk evaluation records from PingOne Protect

## Troubleshooting

* If authentication fails during setup, confirm the worker application is configured for `client_credentials` with the **Token Endpoint Auth Method** set to **Client Secret Basic** (not Client Secret Post)
* If setup fails while validating audit activity access, confirm the selected region and environment ID are correct and the worker application can read audit data in the target environment
* If risk evaluations are missing after setup succeeds, confirm PingOne Protect is licensed in the environment and the worker application can read risk evaluation data
* If you are unsure which region to use, verify the PingOne environment's regional domain in the admin console and match it to the table above
