PingOne Platform APIs

DaVinci Admin Flows

DaVinci flows are constructed, logical paths that specify the workflow for the user’s authorization and authentication experiences.

Flows consist of one or more nodes joined together. Each node performs a specific task, using one of the capabilities of your connectors. After completing the task, the flow determines which task to perform next until the flow is complete.

The PingOne DaVinci Admin Flows service provides endpoints to create, read, update, and delete DaVinci flows. This service also includes endpoints to enable, deploy, import, and clone flows.

DaVinci admin flow data model properties

Property Type? Required? Mutable? Description

color

String

Optional

Mutable

The color of the flow.

connectors

Array[object]

Optional

Mutable

An array of connectors that apply to the flow. An optional query parameter can toggle behavior, either the names of the connectors are returned or the connection objects themselves are returned as embedded objects.

connectors.id

String

Optional

Mutable

The connector ID (or IDs) associated with the flow. Example connectors are httpConnector, functionsConnector, pingOneVerifyConnector, and annotationConnector.

createdAt

Time

N/A

Read only

The timestamp when the flow was created.

currentVersion

Integer

Optional

Immutable

The saved version of the flow.

deployedAt

Time

N/A

Read only

The stamp when the flow was last deployed.

description

String

Optional

Mutable

The description of the flow.

enabled

Boolean

Optional

Immutable

The state of the flow. This can be stored as its own value in the database or it can reflect an existing flowStatus.

environment

Object

N/A

Read only

The DaVinci company ID (environment ID) object.

environment.id

String

N/A

Read only

The DaVinci company ID, which is the PingOne environment ID.

graphData

Object

Optional

Mutable

The graph-based representation of the flow depicted in the UI.

id

String

N/A

Read only

The flow ID.

inputSchema

Array[object]

Optional

Mutable

The flow input parameters in an array of JSONschema objects. If the trigger.type property is AUTHENTICATION, then the flow is a PingOne flow, and the input schema properties are listed in this table. If the trigger.type property is not AUTHENTICATION, then the flow is not a PingOne flow and the input schema properties are described in Input schema for non-PingOne flows data model properties.

inputSchema.propertyName

String

Required

Mutable

If inputSchema is set, the input schema property name is a required property.

inputSchema.description

String

Optional

Mutable

The description for an input schema property.

inputSchema.isExpanded

Boolean

Optional

Mutable

Specifies whether the input schema is expanded in the response.

inputSchema.preferredDataType

String

Required

Mutable

If inputSchema is set, the data type of the input schema property is required. Options are string, number, integer, boolean, array, and object.

inputSchema.preferredControlType

String

Optional

Mutable

The control type of the input schema property. Options are textField.

inputSchema.required

Boolean

Optional

Mutable

Specifies whether the input schema property is required for the flow.

name

String

Required

Mutable

The name of the flow.

outputSchema

Object

Optional

Mutable

The JSONschema output object of the flow.

outputSchema.output

Object

Optional

Mutable

The output object of the output schema.

outputSchema.output.type

String

Optional

Mutable

The output type.

outputSchema.output.additionalProperties

Boolean

Optional

Mutable

Specifies whether the output has additional properties.

outputSchema.output.properties

Object

Optional

Mutable

A JSON object that specifies the output schema’s properties.

outputSchema.output.properties.{{propName}}

Object

Optional

Mutable

An output schema property definition.

outputSchema.output.properties.{{propName}}.type

Object

Optional

Mutable

An output schema property’s data type.

publishedVersion

Integer

Optional

Immutable

The currently deployed version of the flow.

settings

Object

Optional

Mutable

Flow settings saved by the user. Refer to the Settings property data model table for details.

trigger

Object

Optional

Mutable

The flow trigger object.

trigger.type

String

Optional

Mutable

If the trigger type is set to AUTHENTICATION, you invoke the flow through PingOne OpenID Connect or SAML endpoints. The AUTHENTICATION trigger type overwrites the inputSchema values with the default authentication schema.

trigger.configuration

Object

Optional

Mutable

The configuration object for session reuse.

trigger.configuration.pwd

Object

Optional

Mutable

The configuration object for password session reuse.

trigger.configuration.pwd.enabled

Boolean

Optional

Mutable

Specifies whether this configuration must be used to check for existing sessions.

trigger.configuration.pwd.lastSignOn

Integer

Optional

Mutable

An integer that specifies the duration (in seconds) that an active session can be reused.

trigger.configuration.mfa

Object

Optional

Mutable

The configuration object for MFA session reuse.

trigger.configuration.mfa.enabled

Boolean

Optional

Mutable

Specifies whether this configuration must be used to check for existing sessions.

trigger.configuration.mfa.lastSignOn

Integer

Optional

Mutable

An integer that specifies the duration (in seconds) that an active session can be reused.

updatedAt

Date

N/A

Read only

The timestamp when the flow was updated or saved.

Settings property data model

The following table lists the supported flow settings properties that can be used in the settings property.

Property Type? Required? Mutable? Description

csp

String

Optional

Mutable

Content Security Policy content to which a Content-Security-Policy meta tag will be added. If you use a custom Javascript flow player, it is required.

css

String

Optional

Mutable

The CSS styling rules to be applied to the flow version.

cssLinks

Array

Optional

Mutable

A list of URL locations of CSS files to apply to the flow version.

customErrorScreenBrandLogoUrl

String

Optional

Mutable

The URL of the logo to use for the error page, such as "https://example.com/logo.png".

customErrorShowFooter

Boolean

Optional

Mutable

Show footer in the error screen.

customFaviconLink

String

Optional

Mutable

The URL of the favicon image to use for the page. This image is displayed in the title bar of the browser and in saved bookmarks.

customLogoUrlSelection

String

Optional

Mutable

The URL location of the logo to show on error pages.

customTitle

String

Optional

Mutable

The title of the page. This title is displayed in the title bar of the browser and used for the page title in search engine results.

doNotSubstituteUnreplacedFields

Boolean

Optional

Mutable

By default, unreplaced parameterized fields will be substituted with an empty string. This parameter overrides that behavior if set to true.

flowHttpTimeoutInSeconds

Number

Optional

Mutable

Timeout period for every node’s execution time. A response must be returned by a node before this timeout. The default value is 15 seconds. If set to 0, the default timeout value is used.

flowTimeoutInSeconds

Number

Optional

Mutable

The period after which a particular flow execution becomes inactive. The default value is 300 seconds. If set to 0, the default timeout value is used.

intermediateLoadingScreenCss

String

Optional

Mutable

The CSS rules to use for the intermediate page. This setting applies only when the show intermediate page setting is enabled (useIntermediateLoadingScreen).

intermediateLoadingScreenHtml

String

Optional

Mutable

The HTML content of the intermediate page. Applies only when the show intermediate page is enabled (useIntermediateLoadingScreen).

jsLinks

Array

Optional

Mutable

The location of JavaScript files to apply to the flow.

logLevel

String

Optional

Mutable

The log level for flow analytics. Options are None, Info, or Debug.

pingOneFlow

Boolean

Optional

Mutable

PingOne runs this flow for OIDC or SAML authentication. When a flow is invoked, PingOne sends input parameters to be made available for any node in the flow.

requireAuthenticationToInitiate

Boolean

Optional

Mutable

Flow invocation via OpenID requires authentication. Use the /sdktoken endpoint to retrieve the accessToken value, which can be sent in the query parameter &accessToken=<accessToken>.

scrubSensitiveInfo

Boolean

Optional

Mutable

Remove sensitive information from analytics.

sensitiveInfoFields

Array

Optional

Mutable

These fields will be masked with ** in Flow analytics.

useCsp

Boolean

Optional

Mutable

Enable and add a content security policy if you are adding additional scripts.

useCustomCss

Boolean

Optional

Mutable

When enabled, DaVinci uses the CSS rules in the custom CSS field.

useCustomScript

Boolean

Optional

Mutable

When enabled, DaVinci uses the JavaScript files in the JavaScript files field.

useIntermediateLoadingScreen

Boolean

Optional

Mutable

When enabled, DaVinci shows a custom user-facing page between each node in the flow.

Input schema for non-PingOne flows data model properties

Property Type? Required? Mutable? Description

inputSchema.propertyName

String

Required

Mutable

An input schema property name.

inputSchema.description

String

Optional

Mutable

The description for an input schema property.

inputSchema.isExpanded

Boolean

Optional

Mutable

Specifies whether the input schema is expanded in the response.

inputSchema.preferredDataType

String

Required

Mutable

The data type of the input schema property. Options are string, number, integer, boolean, array, and object.

inputSchema.preferredControlType

String

Optional

Mutable

The control type of the input schema property. Options are textField.

inputSchema.required

Boolean

Optional

Mutable

Specifies whether the input schema property is required for the flow.

Limiting and filtering data

You can limit the number of results returned on the Read DaVinci Flows and Read One DaVinci Flow requests with the attributes parameter. This parameter filters the response data returned by the request. The query accepts top-level DaVinci admin flow data model properties as a list of comma separated values. The query returns only the specified property values; it removes all other properties from the response. For example, the following request uses the attributes query parameter:

/environments/{{envID}}/flows/{{davinciFlowID}}?attributes=name,description

The response returns the following flow data:

{
   "_links": {...},
   "id": "{{resourceID}}",
   "name": "SomeFlow,
   "description": "A brief description"
}

SCIM operators

These SCIM operators can be applied to the following attributes:

  • eq (equals)

    Supports attributes of type STRING, DATE, NUMBER, and BOOLEAN.

  • gt (greater than)

    Supports attributes of type DATE and NUMBER.

  • ge (greater than or equal to)

    Supports attributes of type DATE and NUMBER.

  • lt (less than)

    Supports attributes of type DATE and NUMBER.

  • le (less than or equal to)

    Supports attributes of type DATE and NUMBER.

  • sw (starts with)

    Supports attributes of type STRING.

  • ew (ends with)

    Supports attributes of type STRING.

  • co (contains)

    Supports attributes of type STRING.

  • within (within a specified date)

    Supports attributes of type DATE.

  • and (logical AND)

    Logical AND for building compound expressions in which both expressions are true.

  • or (logical OR)

    Logical OR for building compound expressions if either expression is true.

Response codes

Code Message

200

Successful operation.

201

Successfully created.

204

Successfully removed. No content.

400

The request could not be completed.

401

You do not have access to this resource.

403

You do not have permissions or are not licensed to make this request.

404

The requested resource was not found.