Decision Evaluation
The PingOne policy decision service provides an action for runtime evaluation of decision requests against a given policy decision resource.
|
The runtime evaluation endpoint is the integration point into custom applications. It provides the connection for the application to use values from the policy decision service. |
Policy decision evaluation request data model
| Property | Type? | Required? | Mutable? | Description |
|---|---|---|---|---|
|
Object |
Required |
Mutable |
An object that specifies the evaluation parameters required by the policy. |
|
UUID |
Optional |
Mutable |
A string that specifies the user’s unique identifier. |
Policy decision evaluation response data model
| Property | Type? | Required? | Mutable? | Description |
|---|---|---|---|---|
|
UUID |
Optional |
Mutable |
A string that specifies the ID of the authorization version deployed to this endpoint. Versioning allows independent development and deployment of policies. If omitted, the endpoint always uses the latest policy version available from the policy editor service. |
|
UUID |
Required |
Mutable |
A string that specifies the resource’s unique identifier. |
|
UUID |
Optional |
Mutable |
A string that specifies the decision evaluation correlation ID. |
|
String |
Required |
Mutable |
A string that specifies the decision result. Options are |
|
Integer |
Optional |
Mutable |
An integer that specifies the evaluation duration in microseconds. |
|
String |
Optional |
Mutable |
A string that specifies the status. Options are |
|
String |
Optional |
Mutable |
A string that specifies the description of the error. |
|
UUID |
Required |
Mutable |
A string that specifies the statement’s unique identifier. |
|
String |
Required |
Mutable |
A string that specifies the statement name. |
|
UUID |
Optional |
Mutable |
A string that specifies the the statement code. Options are |
|
Object |
Optional |
Mutable |
An object that specifies statement payload. |
|
String |
Optional |
Mutable |
A string that specifies the time the evaluation was executed. |
Policy decision evaluation related resource links
| Link | Description |
|---|---|
|
A string that specifies the URL for the decision request’s associated profile. |
|
A string that specifies the URL for the authorization version endpoint. |
|
A string that specifies the URL for the authorization version profile. |
|
A string that specifies the URL for the policy endpoint. |
|
A string that specifies the URL for the policy profile. |
|
A string that specifies the URL for the statements endpoint. |
|
A string that specifies the URL for the statements profile. |
Policy decision authorization events generated
Refer to Audit Reporting Events for the events generated.
The decision event format returned by a DECISION_ENDPOINT.DECISION_REQUEST_EVALUATED event uses terse keys to reduce storage requirements. The following table explains the meaning of each key returned in the decision event response.
| Key | Description |
|---|---|
|
The name of the endpoint against which the decision request was evaluated. |
|
The ID of the endpoint against which the decision request was evaluated. |
|
The ID of the PingOne Authorize Policy that was deployed to the endpoint at the time the decision request was evaluated. |
|
The ID of the version that was deployed to the endpoint at the time the decision request was evaluated. |
|
The overall decision produced. |
|
The JSON object describing the scenario (the decisions produced by individual policies and rules that contributed to the overall decision). |
|
The list of the IDs of the policies and rules that produced the decision |
|
The list of the IDs of the policies and rules that produced the decision |
|
The list of the IDs of the policies and rules that produced the decision |
|
The time taken to evaluate the decision request (in microseconds). |
|
The JSON array giving the names and values of PingOne Authorize Services that were invoked as part of the decision request evaluation. |
|
The service name. |
|
The service value. |