PingOne Platform APIs

Gateway Role Assignments

The gateway role assignments service provides functionality to assign role assignments to a gateway so that the gateway can access the PingOne services it needs. Only gateway resources with a type property value of PING_FEDERATE can have assigned built-in roles.

If the actor creating the PING_FEDERATE gateway has the Environment Admin, Identity Data Admin, or both roles in the environment associated with the gateway, then the gateway is given the corresponding role or roles for that environment. Otherwise, the gateway is created without any role assignments.

Use these data models and requests to manage gateway role assignments. For more information, refer to Roles.

Role assignment scopes can be:

  • Organization

  • Environment

  • Population

  • Application

Gateway role assignments data model

Property Type Required? Mutable? Description

gateway.id

String

Required

Immutable

The UUID for the gateway.

environment.id

String

Required

Immutable

The environment associated with the gateway.

id

String

N/A

Read-only

The gateway role assignment ID.

role.id

String

Required

Immutable

The role ID.

scope.id

String

Required

Immutable

The role assignment scope ID. When this is an application ID, because an application ID is guarenteed to be globally unique (across all environments), the application ID here eliminates the need to also specify the application environment ID.

scope.type

String

Required

Immutable

The type of resource defining the scope of the Role assignment. Options are ORGANIZATION, ENVIRONMENT, and POPULATION, APPLICATION.

Response codes

Code Message

200

Successful operation.

201

Successfully created.

204

Successfully removed. No content.

400

The request could not be completed.

401

You do not have access to this resource.

404

The requested resource was not found.