Policies
Authorization policies specify the statements (directives that instruct the policy decision service to perform additional processing in conjunction with an authorization decision), conditions (authorization logic comparing one thing to another), and combining algorithms (the process for combining multiple rules) to determine an authorization decision.
This enables you to build policies that answer the question "Should this resource-access request be permitted or denied?. The PingAuthorize policies endpoint allows you to create, read, update, and delete policies.
|
For detailed information about PingAuthorize policies, refer to Policy management in the PingAuthorize Policy Administration Guide. |
Authorization policy data model
| Property | Type? | Required? | Mutable? | Description |
|---|---|---|---|---|
|
Array |
Optional |
Mutable |
The list of child policies or rules. Can be either referenced or embedded. |
|
Object |
Required |
Immutable |
The algorithm that determines how rules are combined to produce an authorization decision. For details, refer to Rules. |
|
Object |
Optional |
Mutable |
The authorization condition object. |
|
String |
Optional |
Mutable |
The authorization policy resource’s description. |
|
Boolean |
Optional |
Mutable |
Whether the Policy is disabled or not. |
|
String |
N/A |
Read only |
The policy resource’s unique identifier. |
|
String |
Required |
Mutable |
A user-friendly policy name. The |
|
Object |
Optional |
Mutable |
Applies the policy to each item of the specific attribute, filtered by decision. |
|
Boolean |
N/A |
N/A |
Whether the Policy is shared or not. |
|
Object |
Optional |
Mutable |
A collection of Statement IDs, refer to Statements. |
|
String |
N/A |
N/A |
A collection of Target IDs. |
|
String |
Required |
Mutable |
The attribute type. Value is always |
|
String |
Required |
Read only |
The unique version ID of the Policy. |
Authorization policy representation data model
| Property | Type? | Required? | Mutable? | Description |
|---|---|---|---|---|
|
Array |
Optional |
Mutable |
The list of child policies or rules. Can be either referenced or embedded. |
|
Object |
Required |
Immutable |
The algorithm that determines how rules are combined to produce an authorization decision. For details, refer to Rules. |
|
Object |
Optional |
Mutable |
The authorization condition object. |
|
String |
Optional |
Mutable |
The authorization policy resource’s description. |
|
Boolean |
Optional |
Mutable |
Whether the Policy is disabled or not. |
|
String |
N/A |
Read only |
The policy resource’s unique identifier. |
|
String |
Required |
Mutable |
A user-friendly policy name. The |
|
Object |
Optional |
Mutable |
Applies the policy to each item of the specific attribute, filtered by decision. |
|
Boolean |
N/A |
N/A |
Whether the Policy is shared or not. |
|
Object |
Optional |
Mutable |
A collection of Statement IDs, refer to Statements. |
|
String |
N/A |
N/A |
A collection of Target IDs. |
|
String |
Required |
Read only |
The unique version ID of the Policy. |
Policy node representation
Either a PolicyRepresentation, PolicySetRepresentation, or PolicyNodeReference.
Authorization policy node reference data model
| Property | Type? | Required? | Mutable? | Description |
|---|---|---|---|---|
|
String |
N/A |
Read only |
The policy resource’s unique identifier. |
|
String |
Required |
Mutable |
The attribute type. Value is always |
Authorization repetition settings data model
| Property | Type? | Required? | Mutable? | Description |
|---|---|---|---|---|
|
Object |
N/A |
N/A |
Decision used as a filter. |
|
String |
N/A |
N/A |
ID of the repetition source being referenced. |
Response codes
| Code | Message |
|---|---|
200 |
Successful operation. |
201 |
Successfully created. |
204 |
Successfully removed. No content. |
400 |
The request could not be completed. |
401 |
You do not have access to this resource. |
403 |
You do not have permissions or are not licensed to make this request. |
404 |
The requested resource was not found. |