Migrate Device Authentication Policies
POST {{apiPath}}/environments/{{envID}}/deviceAuthenticationPoliciesThis example uses the deviceAuthenticationPolicies endpoint with content type: application/vnd.pingidentity.deviceAuthenticationPolicy.fido2.migrate+json to carry out a batch migration of device authentication policies associated with the previous FIDO policy format (device authentication policies that have FIDO Biometrics or Security Key enabled).
The response contains a collection of the updated device authentication policies.
|
When you run a migration request, all of the MFA policies that require an update will be updated, even if they are not explicitly included in the body of the request. You only have to include the MFA policies that you want to associate with a specific enhanced FIDO policy. Any MFA policies that will just use the default FIDO policy can be left out. |
Request Model
| Property | Type | Required? |
|---|---|---|
|
Array |
Optional |
|
String |
Required |
|
String |
Optional |
Refer to the Policy migration data model for full property descriptions.
Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/environments/{{envID}}/deviceAuthenticationPolicies' \
--header 'Content-Type: application/vnd.pingidentity.deviceAuthenticationPolicy.fido2.migrate+json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
"migrationData": [
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID}}",
"fido2PolicyId": "{{fidoPolicyID_2}}"
},
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID_2}}"
}
]
}'var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/deviceAuthenticationPolicies")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/vnd.pingidentity.deviceAuthenticationPolicy.fido2.migrate+json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@" ""migrationData"": [" + "\n" +
@" {" + "\n" +
@" ""deviceAuthenticationPolicyId"": ""{{mfaPolicyID}}""," + "\n" +
@" ""fido2PolicyId"": ""{{fidoPolicyID_2}}""" + "\n" +
@" }," + "\n" +
@" {" + "\n" +
@" ""deviceAuthenticationPolicyId"": ""{{mfaPolicyID_2}}""" + "\n" +
@" }" + "\n" +
@" ]" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/environments/{{envID}}/deviceAuthenticationPolicies"
method := "POST"
payload := strings.NewReader(`{
"migrationData": [
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID}}",
"fido2PolicyId": "{{fidoPolicyID_2}}"
},
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID_2}}"
}
]
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/vnd.pingidentity.deviceAuthenticationPolicy.fido2.migrate+json")
req.Header.Add("Authorization", "Bearer {{accessToken}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /environments/{{envID}}/deviceAuthenticationPolicies HTTP/1.1
Host: {{apiPath}}
Content-Type: application/vnd.pingidentity.deviceAuthenticationPolicy.fido2.migrate+json
Authorization: Bearer {{accessToken}}
{
"migrationData": [
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID}}",
"fido2PolicyId": "{{fidoPolicyID_2}}"
},
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID_2}}"
}
]
}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/vnd.pingidentity.deviceAuthenticationPolicy.fido2.migrate+json");
RequestBody body = RequestBody.create(mediaType, "{\n \"migrationData\": [\n {\n \"deviceAuthenticationPolicyId\": \"{{mfaPolicyID}}\",\n \"fido2PolicyId\": \"{{fidoPolicyID_2}}\"\n },\n {\n \"deviceAuthenticationPolicyId\": \"{{mfaPolicyID_2}}\"\n }\n ]\n}");
Request request = new Request.Builder()
.url("{{apiPath}}/environments/{{envID}}/deviceAuthenticationPolicies")
.method("POST", body)
.addHeader("Content-Type", "application/vnd.pingidentity.deviceAuthenticationPolicy.fido2.migrate+json")
.addHeader("Authorization", "Bearer {{accessToken}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/environments/{{envID}}/deviceAuthenticationPolicies",
"method": "POST",
"timeout": 0,
"headers": {
"Content-Type": "application/vnd.pingidentity.deviceAuthenticationPolicy.fido2.migrate+json",
"Authorization": "Bearer {{accessToken}}"
},
"data": JSON.stringify({
"migrationData": [
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID}}",
"fido2PolicyId": "{{fidoPolicyID_2}}"
},
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID_2}}"
}
]
}),
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'POST',
'url': '{{apiPath}}/environments/{{envID}}/deviceAuthenticationPolicies',
'headers': {
'Content-Type': 'application/vnd.pingidentity.deviceAuthenticationPolicy.fido2.migrate+json',
'Authorization': 'Bearer {{accessToken}}'
},
body: JSON.stringify({
"migrationData": [
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID}}",
"fido2PolicyId": "{{fidoPolicyID_2}}"
},
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID_2}}"
}
]
})
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
import json
url = "{{apiPath}}/environments/{{envID}}/deviceAuthenticationPolicies"
payload = json.dumps({
"migrationData": [
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID}}",
"fido2PolicyId": "{{fidoPolicyID_2}}"
},
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID_2}}"
}
]
})
headers = {
'Content-Type': 'application/vnd.pingidentity.deviceAuthenticationPolicy.fido2.migrate+json',
'Authorization': 'Bearer {{accessToken}}'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/deviceAuthenticationPolicies');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/vnd.pingidentity.deviceAuthenticationPolicy.fido2.migrate+json',
'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n "migrationData": [\n {\n "deviceAuthenticationPolicyId": "{{mfaPolicyID}}",\n "fido2PolicyId": "{{fidoPolicyID_2}}"\n },\n {\n "deviceAuthenticationPolicyId": "{{mfaPolicyID_2}}"\n }\n ]\n}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "json"
require "net/http"
url = URI("{{apiPath}}/environments/{{envID}}/deviceAuthenticationPolicies")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/vnd.pingidentity.deviceAuthenticationPolicy.fido2.migrate+json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
"migrationData": [
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID}}",
"fido2PolicyId": "{{fidoPolicyID_2}}"
},
{
"deviceAuthenticationPolicyId": "{{mfaPolicyID_2}}"
}
]
})
response = http.request(request)
puts response.read_bodylet parameters = "{\n \"migrationData\": [\n {\n \"deviceAuthenticationPolicyId\": \"{{mfaPolicyID}}\",\n \"fido2PolicyId\": \"{{fidoPolicyID_2}}\"\n },\n {\n \"deviceAuthenticationPolicyId\": \"{{mfaPolicyID_2}}\"\n }\n ]\n}"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/deviceAuthenticationPolicies")!,timeoutInterval: Double.infinity)
request.addValue("application/vnd.pingidentity.deviceAuthenticationPolicy.fido2.migrate+json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
200 OK
{
"_links": {
"environment": {
"href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"self": {
"href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/deviceAuthenticationPolicy"
}
},
"_embedded": {
"deviceAuthenticationPolicies": [
{
"_links": {
"self": {
"href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/deviceAuthenticationPolicies/3f8ec0d9-f56c-0de2-37da-675ad7d1840e"
}
},
"id": "3f8ec0d9-f56c-0de2-37da-675ad7d1840e",
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"name": "Environment Policy",
"authentication": {
"deviceSelection": "DEFAULT_TO_FIRST"
},
"sms": {
"enabled": false,
"pairingDisabled": false,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 0,
"timeUnit": "MINUTES"
}
},
"lifeTime": {
"duration": 30,
"timeUnit": "MINUTES"
}
}
},
"email": {
"enabled": true,
"pairingDisabled": false,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 0,
"timeUnit": "MINUTES"
}
},
"lifeTime": {
"duration": 30,
"timeUnit": "MINUTES"
}
}
},
"mobile": {
"enabled": true,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 2,
"timeUnit": "MINUTES"
}
}
}
},
"totp": {
"enabled": true,
"pairingDisabled": false,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 2,
"timeUnit": "MINUTES"
}
}
}
},
"voice": {
"enabled": false,
"pairingDisabled": false,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 0,
"timeUnit": "MINUTES"
}
},
"lifeTime": {
"duration": 30,
"timeUnit": "MINUTES"
}
}
},
"securityKey": {
"enabled": false,
"pairingDisabled": false
},
"platform": {
"enabled": false,
"pairingDisabled": false
},
"fido2": {
"enabled": true,
"pairingDisabled": false
},
"forSignOnPolicy": true,
"updatedAt": "2023-06-22T12:42:57.827Z",
"createdAt": "2022-03-02T12:51:13.185Z",
"default": false
},
{
"_links": {
"self": {
"href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/deviceAuthenticationPolicies/a7257bc1-cd9c-0483-1b67-06317bc5c64f"
}
},
"id": "a7257bc1-cd9c-0483-1b67-06317bc5c64f",
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"name": "Default MFA Policy",
"authentication": {
"deviceSelection": "DEFAULT_TO_FIRST"
},
"sms": {
"enabled": false,
"pairingDisabled": false,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 0,
"timeUnit": "MINUTES"
}
},
"lifeTime": {
"duration": 30,
"timeUnit": "MINUTES"
}
}
},
"email": {
"enabled": true,
"pairingDisabled": false,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 0,
"timeUnit": "MINUTES"
}
},
"lifeTime": {
"duration": 30,
"timeUnit": "MINUTES"
}
}
},
"mobile": {
"enabled": true,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 2,
"timeUnit": "MINUTES"
}
}
}
},
"totp": {
"enabled": true,
"pairingDisabled": false,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 2,
"timeUnit": "MINUTES"
}
}
}
},
"voice": {
"enabled": false,
"pairingDisabled": false,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 0,
"timeUnit": "MINUTES"
}
},
"lifeTime": {
"duration": 30,
"timeUnit": "MINUTES"
}
}
},
"securityKey": {
"enabled": false,
"pairingDisabled": false
},
"platform": {
"enabled": false,
"pairingDisabled": false
},
"fido2": {
"enabled": true,
"pairingDisabled": false
},
"forSignOnPolicy": false,
"updatedAt": "2023-06-22T12:42:57.857Z",
"createdAt": "2022-03-02T12:51:13.187Z",
"default": true
},
{
"_links": {
"self": {
"href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/deviceAuthenticationPolicies/2d20ed61-9c8d-4af5-ae87-816d6f3d2255"
}
},
"id": "2d20ed61-9c8d-4af5-ae87-816d6f3d2255",
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"name": "New Policy",
"authentication": {
"deviceSelection": "DEFAULT_TO_FIRST"
},
"sms": {
"enabled": false,
"pairingDisabled": false,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 0,
"timeUnit": "MINUTES"
}
},
"lifeTime": {
"duration": 30,
"timeUnit": "MINUTES"
}
}
},
"email": {
"enabled": true,
"pairingDisabled": false,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 0,
"timeUnit": "MINUTES"
}
},
"lifeTime": {
"duration": 30,
"timeUnit": "MINUTES"
}
}
},
"mobile": {
"enabled": true,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 2,
"timeUnit": "MINUTES"
}
}
}
},
"totp": {
"enabled": true,
"pairingDisabled": false,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 2,
"timeUnit": "MINUTES"
}
}
}
},
"voice": {
"enabled": true,
"pairingDisabled": false,
"otp": {
"failure": {
"count": 3,
"coolDown": {
"duration": 0,
"timeUnit": "MINUTES"
}
},
"lifeTime": {
"duration": 30,
"timeUnit": "MINUTES"
}
}
},
"securityKey": {
"enabled": false,
"pairingDisabled": false
},
"platform": {
"enabled": false,
"pairingDisabled": false
},
"fido2": {
"enabled": true,
"pairingDisabled": false,
"fido2PolicyId": "cca7e284-2acf-4346-8752-b9109c56fb42"
},
"forSignOnPolicy": false,
"updatedAt": "2023-06-22T12:42:57.865Z",
"createdAt": "2022-05-24T11:39:21.053Z",
"default": false
}
]
},
"size": 3
}