--- title: Authorization Statements description: Statements instruct the policy decision service to perform additional processing in conjunction with an authorization decision. In addition to allowing or blocking access to a resource, using statements, the decision service can attach information to decision responses and filter and transform API payloads. component: pingone-api-ea page_id: pingone-api-ea:authorize:early-access/pingone-authorize-admin-apis/pingauthorize-editor-policy-management/authorization-statements canonical_url: https://developer.pingidentity.com/pingone-api-ea/authorize/early-access/pingone-authorize-admin-apis/pingauthorize-editor-policy-management/authorization-statements.html section_ids: authorization-statements-data-model: Authorization statements data model event-types: Event types response-codes: Response codes --- # Authorization Statements Statements instruct the policy decision service to perform additional processing in conjunction with an authorization decision. In addition to allowing or blocking access to a resource, using statements, the decision service can attach information to decision responses and filter and transform API payloads. | | | | - | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | For detailed information about statements resources, refer to [Statements](hhttps://docs.pingidentity.com/pingone/authorization_using_pingone_authorize/p1az_policy_statements.html) in the *PingOne Cloud Platform Administrator Guide*. | ## Authorization statements data model | Property | Type | Required | Mutable | Description | | ------------- | ------- | -------- | --------- | -------------------------------------------------------------------------------------------------------------------------------- | | `appliesif` | String | Required | Mutable | Specifies when to attach to a final decision. Options are `ANYTHING`, `FINAL_DECISION_MATCHES`, and `PATCH_MATCHES`. | | `appliesTo` | String | Required | Mutable | Specifies what result the statement applies to. Options are `ANYTHING`, `PERMIT`, `DENY`, `PERMIT_OR_DENY`, and `INDETERMINATE`. | | `attributes` | Object | Required | Mutable | The attributes attached to the statement. | | `code` | String | Required | Mutable | The statement code. | | `description` | String | Optional | Mutable | The authorization processor resource's description. | | `value.id` | String | N/A | Read only | The resource's unique identifier. | | `name` | String | Required | Mutable | A user-friendly authorization processor name. The `name` value must be unique. | | `obligatory` | Boolean | Optional | Mutable | Specifies that the statement must be fulfilled as a condition of authorizing the decision request. The defaule is `false`. | | `payload` | String | Required | Mutable | The statement payload. | | `services` | Object | Required | Mutable | The services attached to the statement. | | `version` | String | Required | Read only | A random ID generated by the system for concurrency control purposes. | ## Event types The audit reporting events applicable to the authorize statements service are: | Topic | Event | | ----------------- | ----------------------------- | | `authorize-model` | `AUTHORIZE_STATEMENT.CREATED` | | `authorize-model` | `AUTHORIZE_STATEMENT.UPDATED` | | `authorize-model` | `AUTHORIZE_STATEMENT.DELETED` | ## Response codes | Code | Message | | ---- | --------------------------------------------------------------------- | | 200 | Successful operation. | | 201 | Successfully created. | | 204 | Successfully removed. No content. | | 400 | The request could not be completed. | | 401 | You do not have access to this resource. | | 403 | You do not have permissions or are not licensed to make this request. | | 404 | The requested resource was not found. |