Configure PingOne for Arctic Wolf Active Response

With the Active Response service, Arctic Wolf® can perform identity-based response actions in your network using PingOne®.

PingOne supports these response actions:

  • Disable/Enable a user
  • Force a password reset
For more information, see Response action descriptions.

These resources are required:

  • Administrator permissions for the PingOne admin console
  • Contact your CST to validate the Active Response integration. Have a device or environment ready that Arctic Wolf can use to validate the desired response actions without causing interruptions.

Create a worker application

  1. Sign in to the PingOne admin console with administrator permissions.
    For more information, see Accessing the PingOne admin console.
  2. Navigate to Applications > Applications.
  3. Click .
  4. In the Add Application window, configure these settings:
    • Application Name — Enter a unique and descriptive name for the application.
    • Description — (Optional) Enter a description.
    • Application Type — Select Worker.
  5. Click Save.
  6. On the Roles tab, click Grant Roles.
  7. Click the Identity Data Admin section.
  8. In the Environments section, select the Administrators checkbox.
  9. Click Save.
  10. Copy the Environment ID, Client ID, and Client Secret, and then save them in a safe, encrypted location.

    You will provide these values to Arctic Wolf later.

Provide PingOne Active Response credentials to Arctic Wolf

  1. Sign in to the Arctic Wolf Unified Portal.
  2. In the navigation menu, click Organization Profile > Integrations.
  3. On the Active Response tab, click New Active Response Integration +.
  4. Click PingOne.
  5. On the New Active Response Integration page, configure these settings:
    • Integration Name — Enter a unique and descriptive name for the integration.
    • Base URL — Enter https://api.pingone.com/v1 in the field.
    • Base Auth URL — Enter https://auth.pingone.com in the field.
    • Client ID — Enter the client ID from Create a worker application.
    • Client Secret — Enter the client secret from Create a worker application.
    • Environment ID — Enter the environment ID from Create a worker application.
  6. Click Save Integration.