PingOne Platform APIs

Linked Accounts

The linked accounts endpoints manage a user’s account links to external identity provider accounts. In an authentication flow, after successful authentication at the external identity provider, a linked account resource is created to establish the connection between the user resource in the PingOne directory and that user’s external identity provider account. These endpoints can also be used to view and remove linked accounts in delegated administration or self-service cases.

Users who authenticate with an authoritative identity provider cannot self-service their linked accounts. These users have the identityProvider.id attribute set and their identityProvider.type is not PING_ONE.

Users linked accounts request data model

Property Type Required? Mutable? Description

attributes.{{attributeName}}

Object

Optional

Mutable

An object that specifies an optional user attribute to update when linking the user. These are mapped user attribute names and values from the external identity provider that are used to update the user.

externalId

String

Required

Mutable

A string that specifies the external ID, which is the identifier for the user’s external identity provider account.

identityProvider.id

String

Required

Mutable

A string that specifies the external identity provider ID associated with the user to which the user has a linked account.

Users linked accounts response data model

Property Type Required? Mutable? Description

environment.id

String

Required

Read-only

A string that specifies the environment associated with the user’s linked account.

externalId

String

Required

Read-only

A string that specifies the external ID, which is the identifier for the user’s external identity provider account.

id

String

Required

Read-only

A string that specifies the linked account ID associated with the user resource ID identified in the request URL.

identityProvider.id

String

Required

Read-only

A string that specifies the external identity provider ID associated with the user to which the user has a linked account.

user

Object

Required

Read-only

An _embedded object that specifies the user associated with the linked account.

user.id

String

Required

Read-only

A string that specifies the user ID associated with the linked account.

Response codes

Code Message

200

Successful operation.

204

Successfully removed. No content.

400

The request could not be completed.

401

You do not have access to this resource.

404

The requested resource was not found.

For linked accounts endpoint operations, you need the Identity Data Admin role to get or delete linked account resources.