---
title: Read Single FIDO Policy
description: Use GET {{apiPath}}/v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}} to retrieve the details of a specific FIDO policy.
component: pingone-api
page_id: pingone-api:mfa:fido-policies/read_single_fido_policy
canonical_url: https://developer.pingidentity.com/pingone-api/mfa/fido-policies/read_single_fido_policy.html
section_ids:
  headers: Headers
  example-request: Example Request
  example-response: Example Response
---

# Read Single FIDO Policy

##

```none
GET {{apiPath}}/v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}}
```

Use `GET {{apiPath}}/v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}}` to retrieve the details of a specific FIDO policy.

The policy ID can be taken from the `id` field for the policy in the list of policies returned when you retrieve all of the FIDO policies for an environment. The ID of each policy is also displayed on the FIDO Policies page in the PingOne UI.

> **Collapse: Query parameters**
>
> | Parameter | Description                                                                                                                                                                                                              |
> | --------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
> | `expand`  | (Optional) Use `expand=deviceAuthenticationPolicies` to return `_embedded.deviceAuthenticationPolicies` for each policy in the response. This is a list of the device authentication policies that use that FIDO policy. |

|   |                                                                                                                                                                    |
| - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
|   | If the FIDO policy that you want to retrieve has not yet been updated to the newer FIDO policy format, the request must use the previous endpoint, `fidoPolicies`. |

### Headers

Authorization      Bearer {{accessToken}}

##

### Example Request

* cURL

* C#

* Go

* HTTP

* Java

* jQuery

* NodeJS

* Python

* PHP

* Ruby

* Swift

```shell
curl --location --globoff '{{apiPath}}/v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}}' \
--header 'Authorization: Bearer {{accessToken}}'
```

```csharp
var options = new RestClientOptions("{{apiPath}}/v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}}")
{
  MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Get);
request.AddHeader("Authorization", "Bearer {{accessToken}}");
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);
```

```golang
package main

import (
  "fmt"
  "net/http"
  "io"
)

func main() {

  url := "{{apiPath}}/v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}}"
  method := "GET"

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, nil)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Authorization", "Bearer {{accessToken}}")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}
```

```http
GET /v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}} HTTP/1.1
Host: {{apiPath}}
Authorization: Bearer {{accessToken}}
```

```java
OkHttpClient client = new OkHttpClient().newBuilder()
  .build();
MediaType mediaType = MediaType.parse("text/plain");
RequestBody body = RequestBody.create(mediaType, "");
Request request = new Request.Builder()
  .url("{{apiPath}}/v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}}")
  .method("GET", body)
  .addHeader("Authorization", "Bearer {{accessToken}}")
  .build();
Response response = client.newCall(request).execute();
```

```javascript
var settings = {
  "url": "{{apiPath}}/v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}}",
  "method": "GET",
  "timeout": 0,
  "headers": {
    "Authorization": "Bearer {{accessToken}}"
  },
};

$.ajax(settings).done(function (response) {
  console.log(response);
});
```

```javascript
var request = require('request');
var options = {
  'method': 'GET',
  'url': '{{apiPath}}/v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}}',
  'headers': {
    'Authorization': 'Bearer {{accessToken}}'
  }
};
request(options, function (error, response) {
  if (error) throw new Error(error);
  console.log(response.body);
});
```

```python
import requests

url = "{{apiPath}}/v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}}"

payload = {}
headers = {
  'Authorization': 'Bearer {{accessToken}}'
}

response = requests.request("GET", url, headers=headers, data=payload)

print(response.text)
```

```php
<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}}');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setConfig(array(
  'follow_redirects' => TRUE
));
$request->setHeader(array(
  'Authorization' => 'Bearer {{accessToken}}'
));
try {
  $response = $request->send();
  if ($response->getStatus() == 200) {
    echo $response->getBody();
  }
  else {
    echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
    $response->getReasonPhrase();
  }
}
catch(HTTP_Request2_Exception $e) {
  echo 'Error: ' . $e->getMessage();
}
```

```ruby
require "uri"
require "net/http"

url = URI("{{apiPath}}/v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}}")

http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Get.new(url)
request["Authorization"] = "Bearer {{accessToken}}"

response = http.request(request)
puts response.read_body
```

```swift
var request = URLRequest(url: URL(string: "{{apiPath}}/v1/environments/{{envID}}/fido2Policies/{{fidoPolicyID}}")!,timeoutInterval: Double.infinity)
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")

request.httpMethod = "GET"

let task = URLSession.shared.dataTask(with: request) { data, response, error in
  guard let data = data else {
    print(String(describing: error))
    return
  }
  print(String(data: data, encoding: .utf8)!)
}

task.resume()
```

### Example Response

200 OK

```json
{
    "_links": {
        "self": {
            "href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/fido2Policies/916195d3-1039-42b2-a4fa-8cabab16b86f"
        },
        "environment": {
            "href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
        }
    },
    "id": "916195d3-1039-42b2-a4fa-8cabab16b86f",
    "environment": {
        "id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
    },
    "updatedAt": "2024-12-09T12:19:56.814Z",
    "createdAt": "2024-12-09T12:19:56.814Z",
    "name": "FIDO Policy - allow only FIDO-certified authenticators",
    "description": "FIDO Policy that specifies that only FIDO-certified authenticators can be used",
    "deviceDisplayName": "Fido2 device",
    "discoverableCredentials": "REQUIRED",
    "authenticatorAttachment": "BOTH",
    "userVerification": {
        "enforceDuringAuthentication": true,
        "option": "REQUIRED"
    },
    "userPresenceTimeout": {
        "duration": 2,
        "timeUnit": "MINUTES"
    },
    "backupEligibility": {
        "enforceDuringAuthentication": true,
        "allow": true
    },
    "userDisplayNameAttributes": {
        "attributes": [
            {
                "name": "username"
            },
            {
                "name": "email"
            }
        ]
    },
    "attestationRequirements": "DIRECT",
    "mdsAuthenticatorsRequirements": {
        "enforceDuringAuthentication": true,
        "option": "CERTIFIED"
    },
    "relyingPartyId": "relyingpartydomain.example.com",
    "publicKeyCredentialHints": [
        "SECURITY_KEY",
        "CLIENT_DEVICE",
        "HYBRID"
    ],
    "aggregateDevices": false,
    "default": false
}
```