Application Permissions
The PingOne Authorize application resources and roles service provides endpoints to define custom roles and permissions within PingOne to protect external application resources.
To create and manage application roles and permissions, see:
-
Provides endpoints to list the representations of external applications in PingOne. For create, update, and delete operations for application resources, refer to Application Resources.
-
Application resource permissions
Provides endpoints to define and manage permissions on the application resource.
-
Provides endpoints to define and manage application roles in PingOne. Roles contain application permissions. Application roles can be assigned to PingOne users.
-
Provides endpoints to define and manage access control permissions, expected to be defined by a customer application developer. An application permission is comprised of an action and a protected resource, such as
read:accounts. When a permission is added to a role, it creates a role entry. A subject assigned to a role is authorized for the permissions represented by the role’s entries. -
Application role assignments by role
Provides an endpoint to read application role assignments by role. The endpoint specifies a role ID in the request URL and the operation returns the role assignments associated with the identified role.
-
User application role assignments
Provides endpoints to define and manage application role assignments associated with user resources.