Stats
Actions
Tags
From ping-identity-agent-plugins
Use this skill whenever the task involves designing, building, or advising on authentication flows, journeys, or orchestration logic in Ping Identity. Triggers: DaVinci flows, PingOne Advanced Identity Cloud (AIC) journeys, PingAM authentication trees, scripted decision nodes; login, registration, recovery, MFA, or step-up journey design; passwordless authentication (passkeys, FIDO2, magic links, biometric); authenticator app enrollment, TOTP, push MFA flows; transaction approvals via email or push notification (CIBA, out-of-band step-up); progressive profiling, social login, consent; flow troubleshooting; 'what nodes do I need', 'design a flow for', 'build a journey that'. When the user asks 'journey vs DaVinci flow?', 'AIC or DaVinci?', 'which orchestration platform should we use?', or 'where do I configure MFA in Ping?' without stating both a use case (workforce / CIAM / B2B) AND a platform — you MUST ask one clarifying question before recommending. Do not guess. Also invoke with /ping-orchestration.
How this skill is triggered — by the user, by Claude, or both
Slash command
/ping-identity-agent-plugins:ping-orchestrationThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Design and build authentication flows, orchestration logic, and journey-based experiences across Ping Identity platforms. MCP tools handle execution; this skill supplies design patterns, node sequencing, branching logic, and platform-specific constraints.
ping-marketplace.jsonreferences/curated/cross-platform/passkeys-and-passwordless.mdreferences/curated/pingone-mt/davinci-flow-patterns.mdreferences/curated/pingone-mt/davinci-overview.mdreferences/curated/pingone-mt/davinci-registration-and-mfa.mdreferences/curated/pingone-st/journey-design-patterns.mdreferences/curated/pingone-st/journey-use-cases/account-recovery-and-username-reminder.mdreferences/curated/pingone-st/journey-use-cases/financial-services-step-up.mdreferences/curated/pingone-st/journey-use-cases/mfa-authentication-multi-method.mdreferences/curated/pingone-st/journey-use-cases/mfa-method-selection-registration.mdreferences/curated/pingone-st/journey-use-cases/password-reset-and-update.mdreferences/curated/pingone-st/journey-use-cases/passwordless-mfa-registration.mdreferences/curated/pingone-st/journey-use-cases/pingone-protect-risk-integration.mdreferences/curated/pingone-st/journey-use-cases/progressive-profiling.mdreferences/curated/pingone-st/journey-use-cases/social-and-local-registration-authentication.mdreferences/curated/pingone-st/nodes/basic-auth-nodes.mdreferences/curated/pingone-st/nodes/federation-contextual-nodes.mdreferences/curated/pingone-st/nodes/identity-management-nodes.mdreferences/curated/pingone-st/nodes/mfa-nodes.mdreferences/curated/pingone-st/nodes/node-fundamentals.mdDesign and build authentication flows, orchestration logic, and journey-based experiences across Ping Identity platforms. MCP tools handle execution; this skill supplies design patterns, node sequencing, branching logic, and platform-specific constraints.
Invoke this skill explicitly with /ping-orchestration or by saying "use ping-orchestration to...".
Trigger on ANY question — including advisory, planning, and "what nodes do I need" requests, not just implementation — when the task involves:
ping-foundation firstping-foundationping-universal-servicesping-app-integrationping-quickstart first| Sequence | Skill |
|---|---|
| Before: tenant, realm, identity store, app configured | ping-foundation |
| After: risk scoring, MFA step-up, identity verification | ping-universal-services |
| After: wire flow into web, mobile, or SDK app | ping-app-integration |
Scan available tools for MCP tools that can perform the required operation. If matching tools are available, run the MCP config preflight first, then use them. Otherwise, proceed with curated references. See references/runtime/mcp-preflight.md for MCP config and Cursor preflight steps.
| Platform signal | Branch |
|---|---|
| PingOne Advanced Identity Cloud (AIC), PingAM, identity cloud, ForgeRock lineage | PingOne Advanced Identity Cloud |
| PingOne + DaVinci | PingOne / DaVinci |
Sub-routing by task and journey use case: see references/curated/pingone-st/routing-index.md.
Quick reference — node families:
| Task | Reference |
|---|---|
| Journey design principles, patterns, resilience, security | references/curated/pingone-st/journey-design-patterns.md |
| Node composition rules, PageNode usage, child node gotchas | references/curated/pingone-st/nodes/node-fundamentals.md |
| Username/password, passthrough auth, session entry, lifecycle outcomes | references/curated/pingone-st/nodes/basic-auth-nodes.md |
| MFA: WebAuthn, OATH, push, OTP, recovery codes | references/curated/pingone-st/nodes/mfa-nodes.md |
| Risk scoring, lockout, CAPTCHA, auth level, PingOne Authorize | references/curated/pingone-st/nodes/risk-management-nodes.md |
| Registration, attributes, consent, KBA, T&C, social login, SelectIdP | references/curated/pingone-st/nodes/identity-management-nodes.md |
| Scripting, page composition, session, state, async, polling, LoginCount | references/curated/pingone-st/nodes/utility-nodes.md |
| SAML/OIDC federation, Twilio Verify, device/cookie/cert | references/curated/pingone-st/nodes/federation-contextual-nodes.md |
Sub-routing by task:
| Task | Reference |
|---|---|
| DaVinci flow concepts, connectors, variables, versioning | references/curated/pingone-mt/davinci-overview.md |
| DaVinci flow design patterns (login, registration, step-up, error) | references/curated/pingone-mt/davinci-flow-patterns.md |
| DaVinci registration + email verification + MFA enrollment/step-up | references/curated/pingone-mt/davinci-registration-and-mfa.md |
| Task | Reference |
|---|---|
| Passkeys / passwordless / FIDO2 design across PingOne, PingOne Advanced Identity Cloud (AIC), Ping Software | references/curated/cross-platform/passkeys-and-passwordless.md |
Load 1–3 curated anchors for the detected platform/task; stop if sufficient.
| If the task also involves... | Reference skill |
|---|---|
| Platform setup not yet complete | ping-foundation |
| Shared services (Protect, Verify, IGA, Credentials) within the flow | ping-universal-services |
| App/SDK code integration | ping-app-integration |
| Platform selection or orientation | ping-quickstart |
npx claudepluginhub pingidentity/agent-plugins --plugin ping-identityProvides CDSS development patterns for drug interaction checking, dose validation, clinical scoring (NEWS2, qSOFA), and alert classification integrated into EMR workflows.