PingOne Platform APIs

Bearer Token

Bearer tokens enable requests to authenticate using an access key, such as a JSON Web Token (JWT) used by PingOne. The token is three base64url strings separated by periods, and specified in the variable used by the Authorization header.

To configure a PingOne collection to use Bearer Token for authorization:

  1. Click on the collection.

  2. Click the Authorization tab.

  3. Select Bearer Token from Type.

  4. In Token, type {{accessToken}}, the variable from the environment variable template.

You should always place your API key value in the variable. Authorization requests in PingOne collections that return an access token automatically set the {{accessToken}} variable to the returned access token.

Postman appends the Token value to the text Bearer in the required format to the request Authorization header: Authorization: Bearer <access token>.

Before you can run Postman requests that use Bearer Token, you must retrieve an access token. To retrieve an access token manually in Postman:

  1. Run Token Admin App (client_credentials).

    The script on the Tests tab sets the {{accessToken}} environment variable to access_token from the response.

  2. Postman applies {{accessToken}} to requests with Authorization Inherit auth from parent until it expires.

  3. Repeat these steps.