PingOne Platform APIs

Step 1: Get a new PingOne access token

POST {{authPath}}/{{adminEnvID}}/as/token

Because the access token you used for the workflow to create a test environment may have expired (a 1 hour expiry), you’ll again call the POST {{authPath}}/{{adminEnvID}}/as/token request to obtain a new access token. This request uses Basic authorization to get an access token having an authorization code grant type.

In this request:

  • {{authPath}} is the geographic regional domain to use for authentication and authorization for your PingOne environment. The PingOne top-level domain is https://auth.pingone.com/v1 for the U.S. Refer to PingOne API domains for the top-level domains for other regions.

  • {{adminEnvID}} is the environment that contains the admin Worker application you created using the PingOne admin console in the prior workflow to Create an admin Worker app connection.

If you’re using Postman, set these variables in the Authorization tab. If you’re not using Postman, these are header variables:

  • {{adminAppID}} is your Worker application’s Client ID that you obtained from the PingOne admin console when you created the Worker app.

  • {{adminAppSecret}} is your Worker application’s Client Secret that you obtained from the PingOne admin console when you created the Worker app.

Dev Guide Postman Environment

When successful, the response returns a Status: 200 OK message, and an access token is returned.

Troubleshooting

  • Verify that {{adminEnvID}} is the ID for your initial PingOne environment (automatically created for your account), used when you created the admin Worker app connection.

  • Verify that {{authPath}} is correct for your geographic region.

  • If you’re using Postman, verify the URL against the {{adminAppID}} and {{adminAppSecret}} values shown in Postman’s Auth tab to ensure the correct values have been added to your Postman environment. In Postman, unassigned variables are shown in red, and assigned variables in blue.

Headers

Authorization

Content-Type      application/x-www-form-urlencoded

Body

urlencoded ( application/x-www-form-urlencoded )

Key Value

grant_type

client_credentials

Example Request

  • cURL

  • C#

  • Go

  • HTTP

  • Java

  • jQuery

  • NodeJS

  • Python

  • PHP

  • Ruby

  • Swift

curl --location --globoff '{{authPath}}/{{adminEnvID}}/as/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19' \
--data-urlencode 'grant_type=client_credentials'
var options = new RestClientOptions("{{authPath}}/{{adminEnvID}}/as/token")
{
  MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
request.AddHeader("Authorization", "Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19");
request.AddParameter("grant_type", "client_credentials");
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);
package main

import (
  "fmt"
  "strings"
  "net/http"
  "io"
)

func main() {

  url := "{{authPath}}/{{adminEnvID}}/as/token"
  method := "POST"

  payload := strings.NewReader("grant_type=client_credentials")

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
  req.Header.Add("Authorization", "Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}
POST /{{adminEnvID}}/as/token HTTP/1.1
Host: {{authPath}}
Content-Type: application/x-www-form-urlencoded
Authorization: Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19

grant_type=client_credentials
OkHttpClient client = new OkHttpClient().newBuilder()
  .build();
MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");
RequestBody body = RequestBody.create(mediaType, "grant_type=client_credentials");
Request request = new Request.Builder()
  .url("{{authPath}}/{{adminEnvID}}/as/token")
  .method("POST", body)
  .addHeader("Content-Type", "application/x-www-form-urlencoded")
  .addHeader("Authorization", "Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19")
  .build();
Response response = client.newCall(request).execute();
var settings = {
  "url": "{{authPath}}/{{adminEnvID}}/as/token",
  "method": "POST",
  "timeout": 0,
  "headers": {
    "Content-Type": "application/x-www-form-urlencoded",
    "Authorization": "Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19"
  },
  "data": {
    "grant_type": "client_credentials"
  }
};

$.ajax(settings).done(function (response) {
  console.log(response);
});
var request = require('request');
var options = {
  'method': 'POST',
  'url': '{{authPath}}/{{adminEnvID}}/as/token',
  'headers': {
    'Content-Type': 'application/x-www-form-urlencoded',
    'Authorization': 'Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19'
  },
  form: {
    'grant_type': 'client_credentials'
  }
};
request(options, function (error, response) {
  if (error) throw new Error(error);
  console.log(response.body);
});
import requests

url = "{{authPath}}/{{adminEnvID}}/as/token"

payload = 'grant_type=client_credentials'
headers = {
  'Content-Type': 'application/x-www-form-urlencoded',
  'Authorization': 'Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19'
}

response = requests.request("POST", url, headers=headers, data=payload)

print(response.text)
<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{authPath}}/{{adminEnvID}}/as/token');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
  'follow_redirects' => TRUE
));
$request->setHeader(array(
  'Content-Type' => 'application/x-www-form-urlencoded',
  'Authorization' => 'Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19'
));
$request->addPostParameter(array(
  'grant_type' => 'client_credentials'
));
try {
  $response = $request->send();
  if ($response->getStatus() == 200) {
    echo $response->getBody();
  }
  else {
    echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
    $response->getReasonPhrase();
  }
}
catch(HTTP_Request2_Exception $e) {
  echo 'Error: ' . $e->getMessage();
}
require "uri"
require "net/http"

url = URI("{{authPath}}/{{adminEnvID}}/as/token")

http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/x-www-form-urlencoded"
request["Authorization"] = "Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19"
request.body = "grant_type=client_credentials"

response = http.request(request)
puts response.read_body
let parameters = "grant_type=client_credentials"
let postData =  parameters.data(using: .utf8)

var request = URLRequest(url: URL(string: "{{authPath}}/{{adminEnvID}}/as/token")!,timeoutInterval: Double.infinity)
request.addValue("application/x-www-form-urlencoded", forHTTPHeaderField: "Content-Type")
request.addValue("Basic e3thZG1pbkFwcElEfX06e3thZG1pbkFwcFNlY3JldH19", forHTTPHeaderField: "Authorization")

request.httpMethod = "POST"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in
  guard let data = data else {
    print(String(describing: error))
    return
  }
  print(String(data: data, encoding: .utf8)!)
}

task.resume()

Example Response

200 OK

{
    "access_token": "eyJhbGciOi....",
    "token_type": "Bearer",
    "expires_in": 3600
}