Read One Built-in Admin Role
GET {{apiPath}}/roles/{{roleID}}Use GET /roles/{{roleID}} to return information for a single built-in role. This endpoint does not return information for a custom role. Refer to Read One Custom Admin Role for this information.
Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/roles/{{roleID}}' \
--header 'Authorization: Bearer {{accessToken}}'var options = new RestClientOptions("{{apiPath}}/roles/{{roleID}}")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Get);
request.AddHeader("Authorization", "Bearer {{accessToken}}");
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/roles/{{roleID}}"
method := "GET"
client := &http.Client {
}
req, err := http.NewRequest(method, url, nil)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Authorization", "Bearer {{accessToken}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}GET /roles/{{roleID}} HTTP/1.1
Host: {{apiPath}}
Authorization: Bearer {{accessToken}}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("text/plain");
RequestBody body = RequestBody.create(mediaType, "");
Request request = new Request.Builder()
.url("{{apiPath}}/roles/{{roleID}}")
.method("GET", body)
.addHeader("Authorization", "Bearer {{accessToken}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/roles/{{roleID}}",
"method": "GET",
"timeout": 0,
"headers": {
"Authorization": "Bearer {{accessToken}}"
},
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'GET',
'url': '{{apiPath}}/roles/{{roleID}}',
'headers': {
'Authorization': 'Bearer {{accessToken}}'
}
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
url = "{{apiPath}}/roles/{{roleID}}"
payload = {}
headers = {
'Authorization': 'Bearer {{accessToken}}'
}
response = requests.request("GET", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/roles/{{roleID}}');
$request->setMethod(HTTP_Request2::METHOD_GET);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Authorization' => 'Bearer {{accessToken}}'
));
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "net/http"
url = URI("{{apiPath}}/roles/{{roleID}}")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Get.new(url)
request["Authorization"] = "Bearer {{accessToken}}"
response = http.request(request)
puts response.read_bodyvar request = URLRequest(url: URL(string: "{{apiPath}}/roles/{{roleID}}")!,timeoutInterval: Double.infinity)
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")
request.httpMethod = "GET"
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
200 OK
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/roles"
}
},
"_embedded": {
"roles": [
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/roles/1813bc13-8d13-4e88-a825-d40bfe82777b"
}
},
"id": "1813bc13-8d13-4e88-a825-d40bfe82777b",
"name": "Organization Admin",
"description": "Organization Admin",
"applicableTo": [
"ORGANIZATION"
],
"permissions": [
{
"classifier": "config",
"description": "Retrieve PingOne Advanced Services customer configuration"
},
{
"classifier": "entity",
"description": "Update PingOne Authorize Entity"
},
{
"classifier": "orchestration",
"description": "Creates a Orchestration flow for Ping Intelligence deployment"
},
{
"classifier": "entity",
"description": "Read PingOne Authorize Entity"
},
{
"classifier": "recentdecisions",
"description": "Read Recent Decisions of a PingOne Authorize Decision Endpoint"
},
{
"classifier": "organization",
"description": "Read organizations"
},
{
"classifier": "orchestration",
"description": "Updates Orchestration flow for Ping Enterprise deployment"
},
{
"classifier": "orchestration",
"description": "Creates a Orchestration flow for Ping Enterprise deployment"
},
{
"classifier": "environment",
"description": "Read environments"
},
{
"classifier": "orchestration",
"description": "Updates Orchestration flow for Ping Intelligence deployment"
},
{
"classifier": "deployment",
"description": "Read deployment resource"
},
{
"classifier": "tag",
"description": "Create and Update PingOne Authorize Policy Version Tag"
},
{
"classifier": "decisionendpoint",
"description": "Create PingOne Authorize Decision Endpoint"
},
{
"classifier": "environment",
"description": "Delete PingOne Advanced Services environment"
},
{
"classifier": "entity",
"description": "Create PingOne Authorize Entity"
},
{
"classifier": "entity",
"description": "Test PingOne Authorize Entity"
},
{
"classifier": "decisionendpoint",
"description": "Update PingOne Authorize Decision Endpoint"
},
{
"classifier": "entity",
"description": "Delete PingOne Authorize Entity"
},
{
"classifier": "environment",
"description": "Update environment"
},
{
"classifier": "integration",
"description": "Read an integration in integration catalog"
},
{
"classifier": "decisionendpoint",
"description": "Request Decision from a PingOne Authorize Decision Endpoint"
},
{
"classifier": "exploration",
"description": "Create data exploration"
},
{
"classifier": "decisionendpointcache",
"description": "Invalidate Cached Services used in Dynamic Authorization"
},
{
"classifier": "bootstrap",
"description": "Read bootstrap"
},
{
"classifier": "template",
"description": "Read data exploration template"
},
{
"classifier": "orchestration",
"description": "Retrieve Orchestration flow for Ping Enterprise deployment"
},
{
"classifier": "orchestration",
"description": "Deletes Orchestration flow for Ping Enterprise deployment"
},
{
"classifier": "exploration",
"description": "Read data exploration"
},
{
"classifier": "environment",
"description": "Delete environment"
},
{
"classifier": "environment",
"description": "Promote environment"
},
{
"classifier": "environmentLicense",
"description": "Update environment licenses"
},
{
"classifier": "console",
"description": "Access to PingOne administrator console."
},
{
"classifier": "integration",
"description": "Delete an integration in integration catalog"
},
{
"classifier": "deploymentpackage",
"description": "Read PingOne Authorize Deployment Packages"
},
{
"classifier": "key",
"description": "Create a key"
},
{
"classifier": "orchestration",
"description": "Deletes Orchestration flow for Ping Intelligence deployment"
},
{
"classifier": "dashboard",
"description": "Read dashboards"
},
{
"classifier": "orchestration",
"description": "Retrieve Orchestration flow for Ping Intelligence deployment"
},
{
"classifier": "version",
"description": "Read PingOne Authorize Policy Version"
},
{
"classifier": "orchestration",
"description": "Create PingOne Advanced Services Orchestration"
},
{
"classifier": "decisionendpoint",
"description": "Read PingOne Authorize Decision Endpoint"
},
{
"classifier": "environment",
"description": "Create environment"
},
{
"classifier": "mutableProperties",
"description": "Update licenses' mutable properties"
},
{
"classifier": "integration",
"description": "Update an integration in integration catalog"
},
{
"classifier": "license",
"description": "Read licenses"
},
{
"classifier": "deployment",
"description": "Create deployment resource"
},
{
"classifier": "tag",
"description": "Read PingOne Authorize Policy Version Tag"
},
{
"classifier": "decisionendpoint",
"description": "Delete PingOne Authorize Decision Endpoint"
},
{
"classifier": "tag",
"description": "Delete PingOne Authorize Policy Version Tag"
},
{
"classifier": "ssoLogin",
"description": "Read fraud SSO login"
},
{
"classifier": "bootstrap",
"description": "Create bootstrap"
},
{
"classifier": "orchestration",
"description": "Retrieve PingOne Advanced Services Orchestration"
}
]
},
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/roles/29ddce68-cd7f-4b2a-b6fc-f7a19553b496"
}
},
"id": "29ddce68-cd7f-4b2a-b6fc-f7a19553b496",
"name": "Environment Admin",
"description": "Environment Admin",
"applicableTo": [
"ENVIRONMENT",
"ORGANIZATION"
],
"permissions": [
{
"classifier": "fidoPolicy",
"description": "Create a FIDO policy"
},
{
"classifier": "population",
"description": "Create populations"
},
{
"classifier": "organization",
"description": "Read organizations"
},
{
"classifier": "flowPolicyAssignment",
"description": "Update flow policy assignments"
},
{
"classifier": "form",
"description": "Update a form"
},
{
"classifier": "voicePhraseContent",
"description": "Delete PingOne Verify Voice Phrase Content"
},
{
"classifier": "environment",
"description": "Read environments"
},
{
"classifier": "language",
"description": "Create a language"
},
{
"classifier": "revision",
"description": "create a new configuration for a specific environment"
},
{
"classifier": "tag",
"description": "Create and Update PingOne Authorize Policy Version Tag"
},
{
"classifier": "userSyncedStores",
"description": "get user's target store sync status"
},
{
"classifier": "decisionendpoint",
"description": "Create PingOne Authorize Decision Endpoint"
},
{
"classifier": "entity",
"description": "Create PingOne Authorize Entity"
},
{
"classifier": "entity",
"description": "Test PingOne Authorize Entity"
},
{
"classifier": "customDomain",
"description": "Delete a custom domain"
},
{
"classifier": "config",
"description": "Update the workflow configuration."
},
{
"classifier": "decisionendpoint",
"description": "Update PingOne Authorize Decision Endpoint"
},
{
"classifier": "rule",
"description": "Read rule"
},
{
"classifier": "mapping",
"description": "Read mapping"
},
{
"classifier": "emailDomain",
"description": "Update an email domain"
},
{
"classifier": "verifyPolicy",
"description": "Update PingOne Verify Policies"
},
{
"classifier": "predictor",
"description": "Create risk predictors"
},
{
"classifier": "signOnPolicy",
"description": "Retrieve sign-on policies"
},
{
"classifier": "subscription",
"description": "Delete a subscription"
},
{
"classifier": "signOnPolicy",
"description": "Create sign-on policies"
},
{
"classifier": "passwordPolicy",
"description": "Create Password Policies"
},
{
"classifier": "store",
"description": "delete store"
},
{
"classifier": "agreement",
"description": "Read Agreements"
},
{
"classifier": "policy",
"description": "Create risk policies"
},
{
"classifier": "eventsDetails",
"description": "Create fraud eventsDetails"
},
{
"classifier": "fidoPolicy",
"description": "Retrieve a FIDO policy"
},
{
"classifier": "channel",
"description": "Update AlertChannel"
},
{
"classifier": "key",
"description": "Update a key"
},
{
"classifier": "applicationRoleAssignments",
"description": "Read roles assigned to applications"
},
{
"classifier": "evaluation",
"description": "Read fraud evaluation"
},
{
"classifier": "console",
"description": "Access to PingOne administrator console."
},
{
"classifier": "gatewayRoleAssignments",
"description": "Read gateway role assignments"
},
{
"classifier": "voicePhrase",
"description": "Delete PingOne Verify Voice Phrase"
},
{
"classifier": "key",
"description": "Create a key"
},
{
"classifier": "roles",
"description": "Delete Custom Roles"
},
{
"classifier": "gateway",
"description": "Update gateway"
},
{
"classifier": "certificate",
"description": "Issue a new KDC certificate"
},
{
"classifier": "provisioningSyncOrchestration",
"description": "Create a provisioning sync orchestration in a specific environment"
},
{
"classifier": "decisionendpoint",
"description": "Read PingOne Authorize Decision Endpoint"
},
{
"classifier": "signOnPolicyAssignment",
"description": "Create a sign-on policy assignment"
},
{
"classifier": "identityProvider",
"description": "Update Identity Provider information"
},
{
"classifier": "language",
"description": "Delete a language"
},
{
"classifier": "secret",
"description": "Generate a new client secret for a resource"
},
{
"classifier": "agreement",
"description": "Create Agreement"
},
{
"classifier": "license",
"description": "Read licenses"
},
{
"classifier": "connection",
"description": "check external sass connection"
},
{
"classifier": "application",
"description": "Delete an application's OIDC settings"
},
{
"classifier": "resource",
"description": "Retrieve resources from an environment"
},
{
"classifier": "policy",
"description": "Read risk policies"
},
{
"classifier": "grant",
"description": "Update a single resource access grant for an application"
},
{
"classifier": "passwordPolicy",
"description": "Delete Password Policies"
},
{
"classifier": "pushCredentials",
"description": "Delete an application's push credentials information"
},
{
"classifier": "product",
"description": "Delete PingID product"
},
{
"classifier": "config",
"description": "Retrieve the workflow configuration."
},
{
"classifier": "verifyPolicy",
"description": "Delete PingOne Verify Policies"
},
{
"classifier": "templateContent",
"description": "Create a notification template's content"
},
{
"classifier": "deviceAuthenticationPolicy",
"description": "Delete device authentication policy"
},
{
"classifier": "notificationsPolicy",
"description": "Delete notifications policy"
},
{
"classifier": "recentdecisions",
"description": "Read Recent Decisions of a PingOne Authorize Decision Endpoint"
},
{
"classifier": "activity",
"description": "Get Audit Activity"
},
{
"classifier": "brandingSettings",
"description": "Update branding settings"
},
{
"classifier": "store",
"description": "update store"
},
{
"classifier": "subscription",
"description": "Create a subscription"
},
{
"classifier": "customDomain",
"description": "Create a custom domain"
},
{
"classifier": "channel",
"description": "Delete AlertChannel"
},
{
"classifier": "environment",
"description": "Delete PingOne Advanced Services environment"
},
{
"classifier": "mfaSettings",
"description": "Update MFA settings"
},
{
"classifier": "signOnPolicy",
"description": "Update sign-on policies"
},
{
"classifier": "integration",
"description": "Read an integration in integration catalog"
},
{
"classifier": "decisionendpoint",
"description": "Request Decision from a PingOne Authorize Decision Endpoint"
},
{
"classifier": "exploration",
"description": "Create data exploration"
},
{
"classifier": "secrets",
"description": "Read external service secrets"
},
{
"classifier": "form",
"description": "Read or list forms"
},
{
"classifier": "decisionendpointcache",
"description": "Invalidate Cached Services used in Dynamic Authorization"
},
{
"classifier": "feedback",
"description": "Create fraud feedback"
},
{
"classifier": "roles",
"description": "Create Custom Roles"
},
{
"classifier": "template",
"description": "Read data exploration template"
},
{
"classifier": "orchestration",
"description": "Retrieve Orchestration flow for Ping Enterprise deployment"
},
{
"classifier": "pushCredentials",
"description": "Create new push credentials for an application"
},
{
"classifier": "deviceAuthenticationPolicy",
"description": "Update device authentication policy"
},
{
"classifier": "signOnPolicyAssignment",
"description": "Delete sign-on policy assignments"
},
{
"classifier": "identityProvider",
"description": "Delete an Identity Provider"
},
{
"classifier": "image",
"description": "Retrieve an image"
},
{
"classifier": "mapping",
"description": "delete mapping"
},
{
"classifier": "exploration",
"description": "Read data exploration"
},
{
"classifier": "krp",
"description": "Update a Key Rotation Policy (KRP)"
},
{
"classifier": "voicePhraseContent",
"description": "Read PingOne Verify Voice Phrase Content"
},
{
"classifier": "deploymentpackage",
"description": "Read PingOne Authorize Deployment Packages"
},
{
"classifier": "attribute",
"description": "Update attributes in a resource"
},
{
"classifier": "key",
"description": "Read a key"
},
{
"classifier": "krp",
"description": "Create a Key Rotation Policy (KRP)"
},
{
"classifier": "channel",
"description": "Create AlertChannel"
},
{
"classifier": "dashboard",
"description": "Read dashboards"
},
{
"classifier": "group",
"description": "Read Group"
},
{
"classifier": "document",
"description": "Update PingOne Verify Document"
},
{
"classifier": "policy",
"description": "Delete risk policies"
},
{
"classifier": "version",
"description": "Read PingOne Authorize Policy Version"
},
{
"classifier": "subscription",
"description": "Update a subscription"
},
{
"classifier": "flowDefinition",
"description": "flow execution permission"
},
{
"classifier": "policy",
"description": "Update risk policies"
},
{
"classifier": "identityProvider",
"description": "Retrieve Identity Provider information"
},
{
"classifier": "attribute",
"description": "Create attributes in a resource"
},
{
"classifier": "tag",
"description": "Delete PingOne Authorize Policy Version Tag"
},
{
"classifier": "templateContent",
"description": "Update a notification template's content"
},
{
"classifier": "application",
"description": "Create an application's OIDC settings"
},
{
"classifier": "secrets",
"description": "Update external service secrets"
},
{
"classifier": "deviceAuthenticationPolicy",
"description": "Create device authentication policy"
},
{
"classifier": "document",
"description": "Read PingOne Verify Document"
},
{
"classifier": "population",
"description": "Update populations"
},
{
"classifier": "flowPolicy",
"description": "Retrieve flow policies"
},
{
"classifier": "session",
"description": "Read fraud session"
},
{
"classifier": "scope",
"description": "Update scopes in a resource"
},
{
"classifier": "document",
"description": "Delete PingOne Verify Document"
},
{
"classifier": "emailDomain",
"description": "Create an email domain"
},
{
"classifier": "plan",
"description": "Read plan"
},
{
"classifier": "orchestration",
"description": "Retrieve PingOne Advanced Services Orchestration"
},
{
"classifier": "notificationsSettings",
"description": "Reset notifications settings"
},
{
"classifier": "recaptchaV2Config",
"description": "Update a reCAPTCHA V2 config"
},
{
"classifier": "entity",
"description": "Read PingOne Authorize Entity"
},
{
"classifier": "resource",
"description": "Create resources on an environment"
},
{
"classifier": "predictor",
"description": "Update risk predictors"
},
{
"classifier": "templateContent",
"description": "Retrieve a notification template's content"
},
{
"classifier": "pushCredentials",
"description": "Update application's push credentials information"
},
{
"classifier": "verifyPolicy",
"description": "Create PingOne Verify Policies"
},
{
"classifier": "orchestration",
"description": "Updates Orchestration flow for Ping Enterprise deployment"
},
{
"classifier": "recaptchaV2Config",
"description": "Delete a reCAPTCHA V2 config"
},
{
"classifier": "image",
"description": "Create an image"
},
{
"classifier": "eventsDetails",
"description": "Read fraud eventsDetails"
},
{
"classifier": "scope",
"description": "Delete scopes from a resource"
},
{
"classifier": "theme",
"description": "Create a theme"
},
{
"classifier": "recaptchaV2Config",
"description": "Read a reCAPTCHA V2 config"
},
{
"classifier": "document",
"description": "Create PingOne Verify Document"
},
{
"classifier": "fidoPolicy",
"description": "Update a FIDO policy"
},
{
"classifier": "apiServer",
"description": "Delete Managed API Servers"
},
{
"classifier": "certificate",
"description": "Read a certificate"
},
{
"classifier": "environment",
"description": "Update environment"
},
{
"classifier": "grant",
"description": "Retrieve a single resource access grant for an application"
},
{
"classifier": "roles",
"description": "Read Custom Roles"
},
{
"classifier": "roles",
"description": "Update Custom Roles"
},
{
"classifier": "externalService",
"description": "Delete an external service"
},
{
"classifier": "agreement",
"description": "Update Agreement"
},
{
"classifier": "config",
"description": "Create the workflow configuration."
},
{
"classifier": "customDomain",
"description": "Update a custom domain"
},
{
"classifier": "form",
"description": "Create a form"
},
{
"classifier": "flowDefinition",
"description": "Delete a flow definition"
},
{
"classifier": "gatewayRoleAssignments",
"description": "Delete gateway role assignments"
},
{
"classifier": "theme",
"description": "Delete a theme"
},
{
"classifier": "externalService",
"description": "Create an external service"
},
{
"classifier": "gatewayRoleAssignments",
"description": "Update gateway role assignments"
},
{
"classifier": "population",
"description": "Delete populations"
},
{
"classifier": "resource",
"description": "Delete resources from an environment"
},
{
"classifier": "flowDefinition",
"description": "Read a flow definition"
},
{
"classifier": "subscription",
"description": "Read a subscription"
},
{
"classifier": "signOnPolicy",
"description": "Delete sign-on policies"
},
{
"classifier": "environment",
"description": "Promote environment"
},
{
"classifier": "passwordPolicy",
"description": "Read Password Policies"
},
{
"classifier": "grant",
"description": "Delete a single resource access grant for an application"
},
{
"classifier": "scope",
"description": "Create scopes in a resource"
},
{
"classifier": "application",
"description": "Update an application's OIDC settings"
},
{
"classifier": "secret",
"description": "Retrieve an application’s client secret"
},
{
"classifier": "emailDomain",
"description": "Delete an email domain"
},
{
"classifier": "configs",
"description": "Read End User UI Configurations"
},
{
"classifier": "applicationRoleAssignments",
"description": "Update roles assigned to applications"
},
{
"classifier": "voicePhraseContent",
"description": "Create PingOne Verify Voice Phrase Content"
},
{
"classifier": "krp",
"description": "Delete a Key Rotation Policy (KRP)"
},
{
"classifier": "scope",
"description": "Retrieve scopes from a resource"
},
{
"classifier": "brandingSettings",
"description": "Read or list branding settings"
},
{
"classifier": "fidoDeviceMetadata",
"description": "Create Custom FIDO Device Metadata"
},
{
"classifier": "orchestration",
"description": "Retrieve Orchestration flow for Ping Intelligence deployment"
},
{
"classifier": "orchestration",
"description": "Create PingOne Advanced Services Orchestration"
},
{
"classifier": "krp",
"description": "Read Key Rotation Policies (KRP)"
},
{
"classifier": "attribute",
"description": "Delete attributes from a resource"
},
{
"classifier": "population",
"description": "Read populations"
},
{
"classifier": "apiServer",
"description": "Retrieve Managed API Servers"
},
{
"classifier": "pushCredentials",
"description": "Retrieve application's push credentials information"
},
{
"classifier": "channel",
"description": "Read AlertChannels"
},
{
"classifier": "deployment",
"description": "Create deployment resource"
},
{
"classifier": "tag",
"description": "Read PingOne Authorize Policy Version Tag"
},
{
"classifier": "certificate",
"description": "Deletes a certificate"
},
{
"classifier": "application",
"description": "Retrieve an application's OIDC settings"
},
{
"classifier": "notificationsSettings",
"description": "Update notifications settings"
},
{
"classifier": "flowDefinition",
"description": "Create a flow definition"
},
{
"classifier": "attribute",
"description": "Retrieve attributes from a resource"
},
{
"classifier": "voicePhrase",
"description": "Read PingOne Verify Voice Phrase"
},
{
"classifier": "notification",
"description": "Create a notification"
},
{
"classifier": "certificate",
"description": "Create a certificate"
},
{
"classifier": "entity",
"description": "Update PingOne Authorize Entity"
},
{
"classifier": "notificationsPolicy",
"description": "Retrieve notifications policy"
},
{
"classifier": "schema",
"description": "Delete schemas"
},
{
"classifier": "branding",
"description": "Create and update branding"
},
{
"classifier": "mfaSettings",
"description": "Reset MFA settings"
},
{
"classifier": "predictor",
"description": "Delete risk predictors"
},
{
"classifier": "flowPolicyAssignment",
"description": "Create a flow policy assignment"
},
{
"classifier": "theme",
"description": "Update a theme"
},
{
"classifier": "rule",
"description": "delete rule"
},
{
"classifier": "plan",
"description": "update plan"
},
{
"classifier": "certificate",
"description": "Update a certificate"
},
{
"classifier": "voicePhrase",
"description": "Create PingOne Verify Voice Phrase"
},
{
"classifier": "language",
"description": "Update a language"
},
{
"classifier": "emailDomain",
"description": "Read or list email domains"
},
{
"classifier": "store",
"description": "Read store"
},
{
"classifier": "orchestration",
"description": "Updates Orchestration flow for Ping Intelligence deployment"
},
{
"classifier": "configs",
"description": "Update End User UI Configurations"
},
{
"classifier": "signOnPolicyAssignment",
"description": "Update sign-on policy assignments"
},
{
"classifier": "deployment",
"description": "Read deployment resource"
},
{
"classifier": "mapping",
"description": "update mapping"
},
{
"classifier": "voicePhrase",
"description": "Update PingOne Verify Voice Phrase"
},
{
"classifier": "verifyPolicy",
"description": "Read PingOne Verify Policies"
},
{
"classifier": "entity",
"description": "Delete PingOne Authorize Entity"
},
{
"classifier": "voicePhraseContent",
"description": "Update PingOne Verify Voice Phrase Content"
},
{
"classifier": "rule",
"description": "update rule"
},
{
"classifier": "schema",
"description": "Update schemas"
},
{
"classifier": "templateContent",
"description": "Deletes a notification template's content"
},
{
"classifier": "identityProvider",
"description": "Create new Identity Provider"
},
{
"classifier": "schema",
"description": "Read schemas"
},
{
"classifier": "template",
"description": "Retrieve a notification template"
},
{
"classifier": "notificationsPolicy",
"description": "Create notifications policy"
},
{
"classifier": "externalService",
"description": "Read a external service(s)"
},
{
"classifier": "signOnPolicyAssignment",
"description": "Retrieve sign-on policy assignments"
},
{
"classifier": "gateway",
"description": "Create gateway"
},
{
"classifier": "configs",
"description": "Delete End User UI Configurations"
},
{
"classifier": "flowPolicyAssignment",
"description": "Delete flow policy assignments"
},
{
"classifier": "mfaSettings",
"description": "Retrieve MFA settings"
},
{
"classifier": "language",
"description": "Read or list languages"
},
{
"classifier": "fidoDeviceMetadata",
"description": "Retrieve FIDO Device Metadata"
},
{
"classifier": "customDomain",
"description": "Read or list custom domains"
},
{
"classifier": "feedback",
"description": "Read fraud feedback"
},
{
"classifier": "passwordPolicy",
"description": "Update Password Policies"
},
{
"classifier": "apiServer",
"description": "Create Managed API Servers"
},
{
"classifier": "notificationsSettings",
"description": "Read notifications settings"
},
{
"classifier": "deviceAuthenticationPolicy",
"description": "Retrieve device authentication policy"
},
{
"classifier": "configs",
"description": "Create End User UI Configurations"
},
{
"classifier": "secret",
"description": "Generate a new client secret"
},
{
"classifier": "key",
"description": "Deletes a key"
},
{
"classifier": "predictor",
"description": "Read risk predictors"
},
{
"classifier": "resource",
"description": "Update resources on an environment"
},
{
"classifier": "externalService",
"description": "Invoke an external service request"
},
{
"classifier": "product",
"description": "Create PingID product"
},
{
"classifier": "externalService",
"description": "Update an external service"
},
{
"classifier": "connectionSensitiveConfiguration",
"description": "Get connection sensitive configuration"
},
{
"classifier": "fidoDeviceMetadata",
"description": "Delete Custom FIDO Device Metadata"
},
{
"classifier": "flowDefinition",
"description": "Update a flow definition"
},
{
"classifier": "revision",
"description": "get configuration for a specific environment"
},
{
"classifier": "plan",
"description": "delete plan"
},
{
"classifier": "theme",
"description": "Read or list themes"
},
{
"classifier": "branding",
"description": "Delete branding"
},
{
"classifier": "provisioningSyncOrchestration",
"description": "Update a provisioning sync orchestration in a specific environment"
},
{
"classifier": "apiServer",
"description": "Update Managed API Servers"
},
{
"classifier": "gateway",
"description": "Read gateways"
},
{
"classifier": "gateway",
"description": "Delete gateway"
},
{
"classifier": "agreement",
"description": "Delete Agreement"
},
{
"classifier": "flowPolicyAssignment",
"description": "Retrieve flow policy assignments"
},
{
"classifier": "secret",
"description": "Retrieve a resource’s client secret"
},
{
"classifier": "grant",
"description": "Create a new resource access grant for an application"
},
{
"classifier": "image",
"description": "Delete an image"
},
{
"classifier": "ssoLogin",
"description": "Read fraud SSO login"
},
{
"classifier": "fidoPolicy",
"description": "Delete a FIDO policy"
},
{
"classifier": "notificationsPolicy",
"description": "Update notifications policy"
},
{
"classifier": "form",
"description": "Delete a form"
}
],
"canAssign": [
{
"id": "7aba580c-5ec7-4b26-987d-85f462767455"
}
]
},
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/roles/0bd9c966-7664-4ac1-b059-0ff9293908e2"
}
},
"id": "0bd9c966-7664-4ac1-b059-0ff9293908e2",
"name": "Identity Data Admin",
"description": "Identity Data Admin",
"applicableTo": [
"ENVIRONMENT",
"POPULATION"
],
"permissions": [
{
"classifier": "cluster",
"description": "Read fraud clusters"
},
{
"classifier": "verifyPolicy",
"description": "Create PingOne Verify Policies"
},
{
"classifier": "organization",
"description": "Read organizations"
},
{
"classifier": "user",
"description": "Read users via SCIM"
},
{
"classifier": "image",
"description": "Create an image"
},
{
"classifier": "eventsDetails",
"description": "Read fraud eventsDetails"
},
{
"classifier": "oauthConsent",
"description": "Update OAuth Consent"
},
{
"classifier": "voicePhraseContent",
"description": "Delete PingOne Verify Voice Phrase Content"
},
{
"classifier": "environment",
"description": "Read environments"
},
{
"classifier": "document",
"description": "Create PingOne Verify Document"
},
{
"classifier": "userConsent",
"description": "Read User Consents"
},
{
"classifier": "userSyncedStores",
"description": "get user's target store sync status"
},
{
"classifier": "userPassword",
"description": "Read a user's password state"
},
{
"classifier": "evaluation",
"description": "Update risk evaluations"
},
{
"classifier": "directLdap",
"description": "Perform direct LDAP operations through the LDAP gateway"
},
{
"classifier": "certificate",
"description": "Read a certificate"
},
{
"classifier": "createTestDevice",
"description": "Ability to create device designated for tests"
},
{
"classifier": "user",
"description": "Delete users via SCIM"
},
{
"classifier": "sessions",
"description": "Delete a user's sessions"
},
{
"classifier": "verifyPolicy",
"description": "Update PingOne Verify Policies"
},
{
"classifier": "sessions",
"description": "Create new anonymous or user sessions"
},
{
"classifier": "roles",
"description": "Read Custom Roles"
},
{
"classifier": "roles",
"description": "Update Custom Roles"
},
{
"classifier": "userPassword",
"description": "Validate a user's password"
},
{
"classifier": "device",
"description": "Update user's device"
},
{
"classifier": "userRoleAssignments",
"description": "Read roles assigned to users"
},
{
"classifier": "feedback",
"description": "Update fraud feedback"
},
{
"classifier": "schema",
"description": "Read schemas via SCIM"
},
{
"classifier": "userPassword",
"description": "Recover a user's password"
},
{
"classifier": "userAccount",
"description": "Unlock User Account"
},
{
"classifier": "eventsDetails",
"description": "Create fraud eventsDetails"
},
{
"classifier": "passwordPolicy",
"description": "Read Password Policies"
},
{
"classifier": "userLinkedAccounts",
"description": "Delete linked accounts for users"
},
{
"classifier": "evaluation",
"description": "Read fraud evaluation"
},
{
"classifier": "console",
"description": "Access to PingOne administrator console."
},
{
"classifier": "oauthConsent",
"description": "Create OAuth Consent"
},
{
"classifier": "voicePhrase",
"description": "Delete PingOne Verify Voice Phrase"
},
{
"classifier": "user",
"description": "Create users via SCIM"
},
{
"classifier": "referenceData",
"description": "Read PingOne Verify Reference Data"
},
{
"classifier": "roles",
"description": "Delete Custom Roles"
},
{
"classifier": "userLinkedAccounts",
"description": "Read linked accounts for users"
},
{
"classifier": "verifyTransactions",
"description": "Read PingOne Verify Transaction(s)"
},
{
"classifier": "voicePhraseContent",
"description": "Create PingOne Verify Voice Phrase Content"
},
{
"classifier": "userPassword",
"description": "Reset a user's password"
},
{
"classifier": "evaluation",
"description": "Create risk evaluations"
},
{
"classifier": "userVerifyStatus",
"description": "Update user's verifyStatus"
},
{
"classifier": "analytics",
"description": "Read fraud analytics"
},
{
"classifier": "device",
"description": "Authenticate using a device"
},
{
"classifier": "pairingKey",
"description": "Delete a user's pairing key information"
},
{
"classifier": "credentials",
"description": "Update credential type or issue credential to a user"
},
{
"classifier": "group",
"description": "Delete Group"
},
{
"classifier": "sessions",
"description": "Read a user's sessions"
},
{
"classifier": "oauthConsent",
"description": "Read OAuth Consents"
},
{
"classifier": "population",
"description": "Read populations"
},
{
"classifier": "license",
"description": "Read licenses"
},
{
"classifier": "policy",
"description": "Read risk policies"
},
{
"classifier": "group",
"description": "Update Group"
},
{
"classifier": "verifiedUserData",
"description": "Get PingOne Verify Verified User Data"
},
{
"classifier": "integration",
"description": "Read PingID user integrations(services)"
},
{
"classifier": "voicePhrase",
"description": "Read PingOne Verify Voice Phrase"
},
{
"classifier": "groupMembership",
"description": "Delete Group Membership"
},
{
"classifier": "user",
"description": "Update users"
},
{
"classifier": "user",
"description": "Read users"
},
{
"classifier": "verifiedUserData",
"description": "Delete PingOne Verify Verified User Data"
},
{
"classifier": "verifyPolicy",
"description": "Delete PingOne Verify Policies"
},
{
"classifier": "evaluation",
"description": "Create fraud evaluation"
},
{
"classifier": "sessions",
"description": "Update anonymous or user sessions"
},
{
"classifier": "activity",
"description": "Get Audit Activity"
},
{
"classifier": "voicePhrase",
"description": "Create PingOne Verify Voice Phrase"
},
{
"classifier": "groupMembership",
"description": "Read Group Membership"
},
{
"classifier": "userConsent",
"description": "Create User Consent"
},
{
"classifier": "userPassword",
"description": "Set a user's cleartext or pre-encoded password"
},
{
"classifier": "userIdentityProvider",
"description": "Update user's identity provider"
},
{
"classifier": "user",
"description": "Reset PingID user"
},
{
"classifier": "deployment",
"description": "Read deployment resource"
},
{
"classifier": "voicePhrase",
"description": "Update PingOne Verify Voice Phrase"
},
{
"classifier": "issuerProfile",
"description": "Define Credential Issuer Profile"
},
{
"classifier": "verifyPolicy",
"description": "Read PingOne Verify Policies"
},
{
"classifier": "integration",
"description": "Update PingID user integration(service)"
},
{
"classifier": "voicePhraseContent",
"description": "Update PingOne Verify Voice Phrase Content"
},
{
"classifier": "verifyTransactions",
"description": "Delete PingOne Verify Transaction"
},
{
"classifier": "userPassword",
"description": "Validate user credentials via LDAP gateway"
},
{
"classifier": "exploration",
"description": "Create data exploration"
},
{
"classifier": "schema",
"description": "Read schemas"
},
{
"classifier": "user",
"description": "Delete users"
},
{
"classifier": "userEnabled",
"description": "Update user's enabled status"
},
{
"classifier": "device",
"description": "Create user's device"
},
{
"classifier": "prediction",
"description": "Create a prediction"
},
{
"classifier": "feedback",
"description": "Create fraud feedback"
},
{
"classifier": "credentials",
"description": "Read a credential type or issue credential to a user"
},
{
"classifier": "roles",
"description": "Create Custom Roles"
},
{
"classifier": "template",
"description": "Read data exploration template"
},
{
"classifier": "referenceData",
"description": "Delete PingOne Verify Reference Data"
},
{
"classifier": "device",
"description": "Retrieve user's device"
},
{
"classifier": "user",
"description": "Verify a user using a verification code"
},
{
"classifier": "image",
"description": "Retrieve an image"
},
{
"classifier": "feedback",
"description": "Read fraud feedback"
},
{
"classifier": "exploration",
"description": "Read data exploration"
},
{
"classifier": "userConsent",
"description": "Delete User Consents"
},
{
"classifier": "cluster",
"description": "Update fraud clusters"
},
{
"classifier": "verifyTransactions",
"description": "Create PingOne Verify Transaction"
},
{
"classifier": "issuerProfile",
"description": "Read Credential Issuer Profile"
},
{
"classifier": "voicePhraseContent",
"description": "Read PingOne Verify Voice Phrase Content"
},
{
"classifier": "evaluation",
"description": "Read risk evaluations"
},
{
"classifier": "issuerProfile",
"description": "Update Credential Issuer Profile"
},
{
"classifier": "credentials",
"description": "Create credential type or issue credential to a user"
},
{
"classifier": "verifyTransactions",
"description": "Update PingOne Verify Transaction"
},
{
"classifier": "predictor",
"description": "Read risk predictors"
},
{
"classifier": "userPassword",
"description": "Unlock a user's password"
},
{
"classifier": "pairingKey",
"description": "Create new pairing key for a user"
},
{
"classifier": "dashboard",
"description": "Read dashboards"
},
{
"classifier": "group",
"description": "Read Group"
},
{
"classifier": "document",
"description": "Update PingOne Verify Document"
},
{
"classifier": "user",
"description": "Update users via SCIM"
},
{
"classifier": "userMfaEnabled",
"description": "Update user's mfaEnabled status"
},
{
"classifier": "kerberos",
"description": "Validate user credentials using Kerberos"
},
{
"classifier": "session",
"description": "Read RADIUS session associated with the environment"
},
{
"classifier": "userLinkedAccounts",
"description": "Create linked accounts for users"
},
{
"classifier": "pairingKey",
"description": "Retrieve a user's pairing key information"
},
{
"classifier": "user",
"description": "Create users"
},
{
"classifier": "identityProvider",
"description": "Retrieve Identity Provider information"
},
{
"classifier": "device",
"description": "Delete user's device"
},
{
"classifier": "activity",
"description": "Read PingID user last activity"
},
{
"classifier": "groupMembership",
"description": "Create Group Membership"
},
{
"classifier": "document",
"description": "Read PingOne Verify Document"
},
{
"classifier": "image",
"description": "Delete an image"
},
{
"classifier": "ssoLogin",
"description": "Read fraud SSO login"
},
{
"classifier": "userRoleAssignments",
"description": "Update roles assigned to users"
},
{
"classifier": "user",
"description": "Import users"
},
{
"classifier": "userConsent",
"description": "Update User Consent"
},
{
"classifier": "session",
"description": "Read fraud session"
},
{
"classifier": "group",
"description": "Create Group"
},
{
"classifier": "document",
"description": "Delete PingOne Verify Document"
},
{
"classifier": "userPassword",
"description": "Force a user to change password at next login"
}
],
"canAssign": [
{
"id": "ce00e15f-f845-4df1-abf3-fdc4ff4e176c"
}
]
},
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/roles/b5057d0d-7281-47f6-9398-8a7e4cb71397"
}
},
"id": "b5057d0d-7281-47f6-9398-8a7e4cb71397",
"name": "Client Application Developer",
"description": "Client Application Developer",
"applicableTo": [
"ENVIRONMENT"
],
"permissions": [
{
"classifier": "config",
"description": "Retrieve the workflow configuration."
},
{
"classifier": "cluster",
"description": "Read fraud clusters"
},
{
"classifier": "resource",
"description": "Create resources on an environment"
},
{
"classifier": "pushCredentials",
"description": "Update application's push credentials information"
},
{
"classifier": "flowPolicyAssignment",
"description": "Create a flow policy assignment"
},
{
"classifier": "organization",
"description": "Read organizations"
},
{
"classifier": "flowPolicyAssignment",
"description": "Update flow policy assignments"
},
{
"classifier": "image",
"description": "Create an image"
},
{
"classifier": "scope",
"description": "Delete scopes from a resource"
},
{
"classifier": "environment",
"description": "Read environments"
},
{
"classifier": "recaptchaV2Config",
"description": "Read a reCAPTCHA V2 config"
},
{
"classifier": "configs",
"description": "Update End User UI Configurations"
},
{
"classifier": "signOnPolicyAssignment",
"description": "Update sign-on policy assignments"
},
{
"classifier": "deployment",
"description": "Read deployment resource"
},
{
"classifier": "apiServer",
"description": "Delete Managed API Servers"
},
{
"classifier": "config",
"description": "Update the workflow configuration."
},
{
"classifier": "certificate",
"description": "Read a certificate"
},
{
"classifier": "integration",
"description": "Read an integration in integration catalog"
},
{
"classifier": "grant",
"description": "Retrieve a single resource access grant for an application"
},
{
"classifier": "signOnPolicy",
"description": "Retrieve sign-on policies"
},
{
"classifier": "identityProvider",
"description": "Create new Identity Provider"
},
{
"classifier": "exploration",
"description": "Create data exploration"
},
{
"classifier": "schema",
"description": "Read schemas"
},
{
"classifier": "form",
"description": "Read or list forms"
},
{
"classifier": "signOnPolicyAssignment",
"description": "Retrieve sign-on policy assignments"
},
{
"classifier": "configs",
"description": "Delete End User UI Configurations"
},
{
"classifier": "flowPolicyAssignment",
"description": "Delete flow policy assignments"
},
{
"classifier": "template",
"description": "Read data exploration template"
},
{
"classifier": "orchestration",
"description": "Retrieve Orchestration flow for Ping Enterprise deployment"
},
{
"classifier": "pushCredentials",
"description": "Create new push credentials for an application"
},
{
"classifier": "signOnPolicyAssignment",
"description": "Delete sign-on policy assignments"
},
{
"classifier": "customDomain",
"description": "Read or list custom domains"
},
{
"classifier": "identityProvider",
"description": "Delete an Identity Provider"
},
{
"classifier": "resource",
"description": "Delete resources from an environment"
},
{
"classifier": "image",
"description": "Retrieve an image"
},
{
"classifier": "flowDefinition",
"description": "Read a flow definition"
},
{
"classifier": "exploration",
"description": "Read data exploration"
},
{
"classifier": "grant",
"description": "Delete a single resource access grant for an application"
},
{
"classifier": "scope",
"description": "Create scopes in a resource"
},
{
"classifier": "applicationRoleAssignments",
"description": "Read roles assigned to applications"
},
{
"classifier": "console",
"description": "Access to PingOne administrator console."
},
{
"classifier": "application",
"description": "Update an application's OIDC settings"
},
{
"classifier": "secret",
"description": "Retrieve an application’s client secret"
},
{
"classifier": "apiServer",
"description": "Create Managed API Servers"
},
{
"classifier": "configs",
"description": "Read End User UI Configurations"
},
{
"classifier": "configs",
"description": "Create End User UI Configurations"
},
{
"classifier": "secret",
"description": "Generate a new client secret"
},
{
"classifier": "attribute",
"description": "Update attributes in a resource"
},
{
"classifier": "applicationRoleAssignments",
"description": "Update roles assigned to applications"
},
{
"classifier": "key",
"description": "Read a key"
},
{
"classifier": "resource",
"description": "Update resources on an environment"
},
{
"classifier": "dashboard",
"description": "Read dashboards"
},
{
"classifier": "scope",
"description": "Retrieve scopes from a resource"
},
{
"classifier": "group",
"description": "Read Group"
},
{
"classifier": "brandingSettings",
"description": "Read or list branding settings"
},
{
"classifier": "orchestration",
"description": "Retrieve Orchestration flow for Ping Intelligence deployment"
},
{
"classifier": "signOnPolicyAssignment",
"description": "Create a sign-on policy assignment"
},
{
"classifier": "theme",
"description": "Read or list themes"
},
{
"classifier": "identityProvider",
"description": "Update Identity Provider information"
},
{
"classifier": "attribute",
"description": "Delete attributes from a resource"
},
{
"classifier": "secret",
"description": "Generate a new client secret for a resource"
},
{
"classifier": "population",
"description": "Read populations"
},
{
"classifier": "apiServer",
"description": "Update Managed API Servers"
},
{
"classifier": "apiServer",
"description": "Retrieve Managed API Servers"
},
{
"classifier": "pushCredentials",
"description": "Retrieve application's push credentials information"
},
{
"classifier": "identityProvider",
"description": "Retrieve Identity Provider information"
},
{
"classifier": "license",
"description": "Read licenses"
},
{
"classifier": "application",
"description": "Delete an application's OIDC settings"
},
{
"classifier": "resource",
"description": "Retrieve resources from an environment"
},
{
"classifier": "grant",
"description": "Update a single resource access grant for an application"
},
{
"classifier": "application",
"description": "Retrieve an application's OIDC settings"
},
{
"classifier": "attribute",
"description": "Create attributes in a resource"
},
{
"classifier": "flowPolicyAssignment",
"description": "Retrieve flow policy assignments"
},
{
"classifier": "application",
"description": "Create an application's OIDC settings"
},
{
"classifier": "secret",
"description": "Retrieve a resource’s client secret"
},
{
"classifier": "grant",
"description": "Create a new resource access grant for an application"
},
{
"classifier": "image",
"description": "Delete an image"
},
{
"classifier": "ssoLogin",
"description": "Read fraud SSO login"
},
{
"classifier": "flowPolicy",
"description": "Retrieve flow policies"
},
{
"classifier": "pushCredentials",
"description": "Delete an application's push credentials information"
},
{
"classifier": "scope",
"description": "Update scopes in a resource"
},
{
"classifier": "attribute",
"description": "Retrieve attributes from a resource"
},
{
"classifier": "orchestration",
"description": "Retrieve PingOne Advanced Services Orchestration"
}
]
},
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/roles/ce00e15f-f845-4df1-abf3-fdc4ff4e176c"
}
},
"id": "ce00e15f-f845-4df1-abf3-fdc4ff4e176c",
"name": "Identity Data Read Only",
"description": "Identity Data Read Only",
"applicableTo": [
"ENVIRONMENT",
"POPULATION"
],
"permissions": [
{
"classifier": "user",
"description": "Read users"
},
{
"classifier": "cluster",
"description": "Read fraud clusters"
},
{
"classifier": "organization",
"description": "Read organizations"
},
{
"classifier": "user",
"description": "Read users via SCIM"
},
{
"classifier": "eventsDetails",
"description": "Read fraud eventsDetails"
},
{
"classifier": "activity",
"description": "Get Audit Activity"
},
{
"classifier": "groupMembership",
"description": "Read Group Membership"
},
{
"classifier": "environment",
"description": "Read environments"
},
{
"classifier": "deployment",
"description": "Read deployment resource"
},
{
"classifier": "userConsent",
"description": "Read User Consents"
},
{
"classifier": "userSyncedStores",
"description": "get user's target store sync status"
},
{
"classifier": "verifyPolicy",
"description": "Read PingOne Verify Policies"
},
{
"classifier": "userPassword",
"description": "Read a user's password state"
},
{
"classifier": "certificate",
"description": "Read a certificate"
},
{
"classifier": "roles",
"description": "Read Custom Roles"
},
{
"classifier": "exploration",
"description": "Create data exploration"
},
{
"classifier": "schema",
"description": "Read schemas"
},
{
"classifier": "userRoleAssignments",
"description": "Read roles assigned to users"
},
{
"classifier": "credentials",
"description": "Read a credential type or issue credential to a user"
},
{
"classifier": "template",
"description": "Read data exploration template"
},
{
"classifier": "device",
"description": "Retrieve user's device"
},
{
"classifier": "schema",
"description": "Read schemas via SCIM"
},
{
"classifier": "image",
"description": "Retrieve an image"
},
{
"classifier": "feedback",
"description": "Read fraud feedback"
},
{
"classifier": "exploration",
"description": "Read data exploration"
},
{
"classifier": "passwordPolicy",
"description": "Read Password Policies"
},
{
"classifier": "evaluation",
"description": "Read fraud evaluation"
},
{
"classifier": "console",
"description": "Access to PingOne administrator console."
},
{
"classifier": "issuerProfile",
"description": "Read Credential Issuer Profile"
},
{
"classifier": "voicePhraseContent",
"description": "Read PingOne Verify Voice Phrase Content"
},
{
"classifier": "evaluation",
"description": "Read risk evaluations"
},
{
"classifier": "userLinkedAccounts",
"description": "Read linked accounts for users"
},
{
"classifier": "predictor",
"description": "Read risk predictors"
},
{
"classifier": "verifyTransactions",
"description": "Read PingOne Verify Transaction(s)"
},
{
"classifier": "dashboard",
"description": "Read dashboards"
},
{
"classifier": "group",
"description": "Read Group"
},
{
"classifier": "analytics",
"description": "Read fraud analytics"
},
{
"classifier": "session",
"description": "Read RADIUS session associated with the environment"
},
{
"classifier": "pairingKey",
"description": "Retrieve a user's pairing key information"
},
{
"classifier": "sessions",
"description": "Read a user's sessions"
},
{
"classifier": "oauthConsent",
"description": "Read OAuth Consents"
},
{
"classifier": "population",
"description": "Read populations"
},
{
"classifier": "license",
"description": "Read licenses"
},
{
"classifier": "identityProvider",
"description": "Retrieve Identity Provider information"
},
{
"classifier": "policy",
"description": "Read risk policies"
},
{
"classifier": "activity",
"description": "Read PingID user last activity"
},
{
"classifier": "ssoLogin",
"description": "Read fraud SSO login"
},
{
"classifier": "session",
"description": "Read fraud session"
},
{
"classifier": "integration",
"description": "Read PingID user integrations(services)"
},
{
"classifier": "voicePhrase",
"description": "Read PingOne Verify Voice Phrase"
}
]
},
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/roles/7aba580c-5ec7-4b26-987d-85f462767455"
}
},
"id": "7aba580c-5ec7-4b26-987d-85f462767455",
"name": "Configuration Read Only",
"description": "Configuration Read Only",
"applicableTo": [
"ENVIRONMENT",
"ORGANIZATION"
],
"permissions": [
{
"classifier": "config",
"description": "Retrieve the workflow configuration."
},
{
"classifier": "notificationsPolicy",
"description": "Retrieve notifications policy"
},
{
"classifier": "entity",
"description": "Read PingOne Authorize Entity"
},
{
"classifier": "templateContent",
"description": "Retrieve a notification template's content"
},
{
"classifier": "recentdecisions",
"description": "Read Recent Decisions of a PingOne Authorize Decision Endpoint"
},
{
"classifier": "organization",
"description": "Read organizations"
},
{
"classifier": "eventsDetails",
"description": "Read fraud eventsDetails"
},
{
"classifier": "activity",
"description": "Get Audit Activity"
},
{
"classifier": "environment",
"description": "Read environments"
},
{
"classifier": "recaptchaV2Config",
"description": "Read a reCAPTCHA V2 config"
},
{
"classifier": "emailDomain",
"description": "Read or list email domains"
},
{
"classifier": "store",
"description": "Read store"
},
{
"classifier": "deployment",
"description": "Read deployment resource"
},
{
"classifier": "userSyncedStores",
"description": "get user's target store sync status"
},
{
"classifier": "verifyPolicy",
"description": "Read PingOne Verify Policies"
},
{
"classifier": "certificate",
"description": "Read a certificate"
},
{
"classifier": "rule",
"description": "Read rule"
},
{
"classifier": "integration",
"description": "Read an integration in integration catalog"
},
{
"classifier": "mapping",
"description": "Read mapping"
},
{
"classifier": "grant",
"description": "Retrieve a single resource access grant for an application"
},
{
"classifier": "signOnPolicy",
"description": "Retrieve sign-on policies"
},
{
"classifier": "roles",
"description": "Read Custom Roles"
},
{
"classifier": "exploration",
"description": "Create data exploration"
},
{
"classifier": "schema",
"description": "Read schemas"
},
{
"classifier": "secrets",
"description": "Read external service secrets"
},
{
"classifier": "template",
"description": "Retrieve a notification template"
},
{
"classifier": "form",
"description": "Read or list forms"
},
{
"classifier": "externalService",
"description": "Read a external service(s)"
},
{
"classifier": "agreement",
"description": "Read Agreements"
},
{
"classifier": "signOnPolicyAssignment",
"description": "Retrieve sign-on policy assignments"
},
{
"classifier": "template",
"description": "Read data exploration template"
},
{
"classifier": "orchestration",
"description": "Retrieve Orchestration flow for Ping Enterprise deployment"
},
{
"classifier": "mfaSettings",
"description": "Retrieve MFA settings"
},
{
"classifier": "language",
"description": "Read or list languages"
},
{
"classifier": "fidoDeviceMetadata",
"description": "Retrieve FIDO Device Metadata"
},
{
"classifier": "customDomain",
"description": "Read or list custom domains"
},
{
"classifier": "image",
"description": "Retrieve an image"
},
{
"classifier": "fidoPolicy",
"description": "Retrieve a FIDO policy"
},
{
"classifier": "flowDefinition",
"description": "Read a flow definition"
},
{
"classifier": "subscription",
"description": "Read a subscription"
},
{
"classifier": "feedback",
"description": "Read fraud feedback"
},
{
"classifier": "exploration",
"description": "Read data exploration"
},
{
"classifier": "passwordPolicy",
"description": "Read Password Policies"
},
{
"classifier": "applicationRoleAssignments",
"description": "Read roles assigned to applications"
},
{
"classifier": "evaluation",
"description": "Read fraud evaluation"
},
{
"classifier": "console",
"description": "Access to PingOne administrator console."
},
{
"classifier": "secret",
"description": "Retrieve an application’s client secret"
},
{
"classifier": "gatewayRoleAssignments",
"description": "Read gateway role assignments"
},
{
"classifier": "notificationsSettings",
"description": "Read notifications settings"
},
{
"classifier": "configs",
"description": "Read End User UI Configurations"
},
{
"classifier": "deviceAuthenticationPolicy",
"description": "Retrieve device authentication policy"
},
{
"classifier": "voicePhraseContent",
"description": "Read PingOne Verify Voice Phrase Content"
},
{
"classifier": "deploymentpackage",
"description": "Read PingOne Authorize Deployment Packages"
},
{
"classifier": "key",
"description": "Read a key"
},
{
"classifier": "predictor",
"description": "Read risk predictors"
},
{
"classifier": "dashboard",
"description": "Read dashboards"
},
{
"classifier": "scope",
"description": "Retrieve scopes from a resource"
},
{
"classifier": "group",
"description": "Read Group"
},
{
"classifier": "brandingSettings",
"description": "Read or list branding settings"
},
{
"classifier": "orchestration",
"description": "Retrieve Orchestration flow for Ping Intelligence deployment"
},
{
"classifier": "version",
"description": "Read PingOne Authorize Policy Version"
},
{
"classifier": "decisionendpoint",
"description": "Read PingOne Authorize Decision Endpoint"
},
{
"classifier": "krp",
"description": "Read Key Rotation Policies (KRP)"
},
{
"classifier": "theme",
"description": "Read or list themes"
},
{
"classifier": "population",
"description": "Read populations"
},
{
"classifier": "apiServer",
"description": "Retrieve Managed API Servers"
},
{
"classifier": "pushCredentials",
"description": "Retrieve application's push credentials information"
},
{
"classifier": "identityProvider",
"description": "Retrieve Identity Provider information"
},
{
"classifier": "license",
"description": "Read licenses"
},
{
"classifier": "channel",
"description": "Read AlertChannels"
},
{
"classifier": "resource",
"description": "Retrieve resources from an environment"
},
{
"classifier": "gateway",
"description": "Read gateways"
},
{
"classifier": "policy",
"description": "Read risk policies"
},
{
"classifier": "tag",
"description": "Read PingOne Authorize Policy Version Tag"
},
{
"classifier": "application",
"description": "Retrieve an application's OIDC settings"
},
{
"classifier": "flowPolicyAssignment",
"description": "Retrieve flow policy assignments"
},
{
"classifier": "secret",
"description": "Retrieve a resource’s client secret"
},
{
"classifier": "ssoLogin",
"description": "Read fraud SSO login"
},
{
"classifier": "flowPolicy",
"description": "Retrieve flow policies"
},
{
"classifier": "session",
"description": "Read fraud session"
},
{
"classifier": "attribute",
"description": "Retrieve attributes from a resource"
},
{
"classifier": "voicePhrase",
"description": "Read PingOne Verify Voice Phrase"
},
{
"classifier": "plan",
"description": "Read plan"
},
{
"classifier": "orchestration",
"description": "Retrieve PingOne Advanced Services Orchestration"
}
]
},
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/roles/c65f13f5-f42c-4ffc-aa3a-4858d4ac3f6d"
}
},
"id": "c65f13f5-f42c-4ffc-aa3a-4858d4ac3f6d",
"name": "PingFederate Administrator",
"description": "PingFederate Administrator",
"applicableTo": [
"ENVIRONMENT",
"ORGANIZATION"
],
"permissions": [
{
"classifier": "system",
"description": "Configure partner connections and most system settings, except the management of local accounts and the handling of local keys and certificates."
},
{
"classifier": "console",
"description": "Access to PingOne administrator console."
}
]
},
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/roles/ec21ef32-0885-4210-8fe3-247bc2f40e7d"
}
},
"id": "ec21ef32-0885-4210-8fe3-247bc2f40e7d",
"name": "PingFederate Expression Administrator",
"description": "PingFederate Expression Administrator",
"applicableTo": [
"ENVIRONMENT",
"ORGANIZATION"
],
"permissions": [
{
"classifier": "system",
"description": "Configure partner connections and most system settings, except the management of local accounts and the handling of local keys and certificates."
},
{
"classifier": "expressions",
"description": "Map user attributes by using the expression language, Object-Graph Navigation Language (OGNL)."
},
{
"classifier": "console",
"description": "Access to PingOne administrator console."
}
],
"canAssign": [
{
"id": "c65f13f5-f42c-4ffc-aa3a-4858d4ac3f6d"
}
]
},
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/roles/03643153-e396-4c35-b527-ac05b43a64fb"
}
},
"id": "03643153-e396-4c35-b527-ac05b43a64fb",
"name": "PingFederate Crypto Administrator",
"description": "PingFederate Crypto Administrator",
"applicableTo": [
"ENVIRONMENT",
"ORGANIZATION"
],
"permissions": [
{
"classifier": "crypto",
"description": "Manage local keys and certificates."
},
{
"classifier": "console",
"description": "Access to PingOne administrator console."
}
]
},
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/roles/6f6793ad-4a5a-421b-8867-406ebee618de"
}
},
"id": "6f6793ad-4a5a-421b-8867-406ebee618de",
"name": "PingFederate User Administrator",
"description": "PingFederate User Administrator",
"applicableTo": [
"ENVIRONMENT",
"ORGANIZATION"
],
"permissions": [
{
"classifier": "auditor",
"description": "View-only permissions for all administrative functions."
},
{
"classifier": "console",
"description": "Access to PingOne administrator console."
},
{
"classifier": "users",
"description": "Create users, deactivate users, change or reset passwords, and install replacement license keys."
}
],
"canAssign": [
{
"id": "b812ab8e-8fbc-45a9-b965-136849148040"
}
]
},
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/roles/b812ab8e-8fbc-45a9-b965-136849148040"
}
},
"id": "b812ab8e-8fbc-45a9-b965-136849148040",
"name": "PingFederate Auditor",
"description": "PingFederate Auditor",
"applicableTo": [
"ENVIRONMENT",
"ORGANIZATION"
],
"permissions": [
{
"classifier": "auditor",
"description": "View-only permissions for all administrative functions."
},
{
"classifier": "console",
"description": "Access to PingOne administrator console."
}
]
}
]
},
"count": 11,
"size": 11
}