Create Risk Evaluation (includes device trust predictor)
POST {{apiPath}}/environments/{{envID}}/riskEvaluationsThis example uses POST {{apiPath}}/environments/{{envID}}/riskEvaluations to create a risk evaluation where the risk policy used includes the PingID Device Trust predictor.
The body of the request does not contain any special parameters beyond those used ordinarily for risk evaluations.
The response includes the risk level calculated for the device trust predictor as well as the reason for the risk level for the predictor.
If the risk level for the predictor is not HIGH, the response will also include data for the user’s computer, under details.device.agent.
Request Model
For complete property descriptions, refer to Risk Evaluations.
| Property | Type | Required? |
|---|---|---|
|
Object |
Optional |
|
String |
Optional |
|
String |
Optional |
|
Object |
Required |
|
String |
Optional |
|
String |
Optional |
|
String |
Required |
|
String |
Optional |
|
String |
Optional |
|
String |
Optional |
|
String |
Optional |
|
String |
Optional |
|
String |
Optional |
|
String |
Optional |
|
String |
Required |
|
String |
Optional |
|
String |
Required |
|
String[] |
Optional |
|
String |
Optional |
|
String |
Optional |
Body
raw ( application/json )
{
"event": {
"targetResource": {
"id": "{{targetResourceID}}",
"name": "Jira"
},
"ip": "156.35.85.124",
"sdk": {
"signals": {
"data": "{{signalsSdkOutput}}"
}
},
"flow": {
"type": "AUTHENTICATION",
"subtype": "ACTIVE_SESSION"
},
"session": {
"id": "{{sessionID}}"
},
"user": {
"id": "john",
"name": "John DeMock",
"type": "EXTERNAL",
"groups": [
{
"name": "dev"
},
{
"name": "sre"
}
]
},
"sharingType": "SHARED",
"browser": {
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36"
}
},
"riskPolicySet": {
"id": "{{riskPolicySetID}}",
"name": "ExamplePolicy"
}
}Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/environments/{{envID}}/riskEvaluations' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
"event": {
"targetResource": {
"id": "{{targetResourceID}}",
"name": "Jira"
},
"ip": "156.35.85.124",
"sdk": {
"signals": {
"data": "{{signalsSdkOutput}}"
}
},
"flow": {
"type": "AUTHENTICATION",
"subtype": "ACTIVE_SESSION"
},
"session": {
"id": "{{sessionID}}"
},
"user": {
"id": "john",
"name": "John DeMock",
"type": "EXTERNAL",
"groups": [
{
"name": "dev"
},
{
"name": "sre"
}
]
},
"sharingType": "SHARED",
"browser": {
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36"
}
},
"riskPolicySet": {
"id": "{{riskPolicySetID}}",
"name": "ExamplePolicy"
}
}'var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/riskEvaluations")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@" ""event"": {" + "\n" +
@" ""targetResource"": {" + "\n" +
@" ""id"": ""{{targetResourceID}}""," + "\n" +
@" ""name"": ""Jira""" + "\n" +
@" }," + "\n" +
@" ""ip"": ""156.35.85.124""," + "\n" +
@" ""sdk"": {" + "\n" +
@" ""signals"": {" + "\n" +
@" ""data"": ""{{signalsSdkOutput}}""" + "\n" +
@" }" + "\n" +
@" }," + "\n" +
@" ""flow"": {" + "\n" +
@" ""type"": ""AUTHENTICATION""," + "\n" +
@" ""subtype"": ""ACTIVE_SESSION""" + "\n" +
@" }," + "\n" +
@" ""session"": {" + "\n" +
@" ""id"": ""{{sessionID}}""" + "\n" +
@" }," + "\n" +
@" ""user"": {" + "\n" +
@" ""id"": ""john""," + "\n" +
@" ""name"": ""John DeMock""," + "\n" +
@" ""type"": ""EXTERNAL""," + "\n" +
@" ""groups"": [" + "\n" +
@" {" + "\n" +
@" ""name"": ""dev""" + "\n" +
@" }," + "\n" +
@" {" + "\n" +
@" ""name"": ""sre""" + "\n" +
@" }" + "\n" +
@" ]" + "\n" +
@" }," + "\n" +
@" ""sharingType"": ""SHARED""," + "\n" +
@" ""browser"": {" + "\n" +
@" ""userAgent"": ""Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36""" + "\n" +
@" }" + "\n" +
@" }," + "\n" +
@" ""riskPolicySet"": {" + "\n" +
@" ""id"": ""{{riskPolicySetID}}""," + "\n" +
@" ""name"": ""ExamplePolicy""" + "\n" +
@" }" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/environments/{{envID}}/riskEvaluations"
method := "POST"
payload := strings.NewReader(`{
"event": {
"targetResource": {
"id": "{{targetResourceID}}",
"name": "Jira"
},
"ip": "156.35.85.124",
"sdk": {
"signals": {
"data": "{{signalsSdkOutput}}"
}
},
"flow": {
"type": "AUTHENTICATION",
"subtype": "ACTIVE_SESSION"
},
"session": {
"id": "{{sessionID}}"
},
"user": {
"id": "john",
"name": "John DeMock",
"type": "EXTERNAL",
"groups": [
{
"name": "dev"
},
{
"name": "sre"
}
]
},
"sharingType": "SHARED",
"browser": {
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36"
}
},
"riskPolicySet": {
"id": "{{riskPolicySetID}}",
"name": "ExamplePolicy"
}
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Bearer {{accessToken}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /environments/{{envID}}/riskEvaluations HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}
{
"event": {
"targetResource": {
"id": "{{targetResourceID}}",
"name": "Jira"
},
"ip": "156.35.85.124",
"sdk": {
"signals": {
"data": "{{signalsSdkOutput}}"
}
},
"flow": {
"type": "AUTHENTICATION",
"subtype": "ACTIVE_SESSION"
},
"session": {
"id": "{{sessionID}}"
},
"user": {
"id": "john",
"name": "John DeMock",
"type": "EXTERNAL",
"groups": [
{
"name": "dev"
},
{
"name": "sre"
}
]
},
"sharingType": "SHARED",
"browser": {
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36"
}
},
"riskPolicySet": {
"id": "{{riskPolicySetID}}",
"name": "ExamplePolicy"
}
}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n \"event\": {\n \"targetResource\": {\n \"id\": \"{{targetResourceID}}\",\n \"name\": \"Jira\"\n },\n \"ip\": \"156.35.85.124\",\n \"sdk\": {\n \"signals\": {\n \"data\": \"{{signalsSdkOutput}}\"\n }\n },\n \"flow\": {\n \"type\": \"AUTHENTICATION\",\n \"subtype\": \"ACTIVE_SESSION\"\n },\n \"session\": {\n \"id\": \"{{sessionID}}\"\n },\n \"user\": {\n \"id\": \"john\",\n \"name\": \"John DeMock\",\n \"type\": \"EXTERNAL\",\n \"groups\": [\n {\n \"name\": \"dev\"\n },\n {\n \"name\": \"sre\"\n }\n ]\n },\n \"sharingType\": \"SHARED\",\n \"browser\": {\n \"userAgent\": \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36\"\n }\n },\n \"riskPolicySet\": {\n \"id\": \"{{riskPolicySetID}}\",\n \"name\": \"ExamplePolicy\"\n }\n}");
Request request = new Request.Builder()
.url("{{apiPath}}/environments/{{envID}}/riskEvaluations")
.method("POST", body)
.addHeader("Content-Type", "application/json")
.addHeader("Authorization", "Bearer {{accessToken}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/environments/{{envID}}/riskEvaluations",
"method": "POST",
"timeout": 0,
"headers": {
"Content-Type": "application/json",
"Authorization": "Bearer {{accessToken}}"
},
"data": JSON.stringify({
"event": {
"targetResource": {
"id": "{{targetResourceID}}",
"name": "Jira"
},
"ip": "156.35.85.124",
"sdk": {
"signals": {
"data": "{{signalsSdkOutput}}"
}
},
"flow": {
"type": "AUTHENTICATION",
"subtype": "ACTIVE_SESSION"
},
"session": {
"id": "{{sessionID}}"
},
"user": {
"id": "john",
"name": "John DeMock",
"type": "EXTERNAL",
"groups": [
{
"name": "dev"
},
{
"name": "sre"
}
]
},
"sharingType": "SHARED",
"browser": {
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36"
}
},
"riskPolicySet": {
"id": "{{riskPolicySetID}}",
"name": "ExamplePolicy"
}
}),
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'POST',
'url': '{{apiPath}}/environments/{{envID}}/riskEvaluations',
'headers': {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
},
body: JSON.stringify({
"event": {
"targetResource": {
"id": "{{targetResourceID}}",
"name": "Jira"
},
"ip": "156.35.85.124",
"sdk": {
"signals": {
"data": "{{signalsSdkOutput}}"
}
},
"flow": {
"type": "AUTHENTICATION",
"subtype": "ACTIVE_SESSION"
},
"session": {
"id": "{{sessionID}}"
},
"user": {
"id": "john",
"name": "John DeMock",
"type": "EXTERNAL",
"groups": [
{
"name": "dev"
},
{
"name": "sre"
}
]
},
"sharingType": "SHARED",
"browser": {
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36"
}
},
"riskPolicySet": {
"id": "{{riskPolicySetID}}",
"name": "ExamplePolicy"
}
})
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
import json
url = "{{apiPath}}/environments/{{envID}}/riskEvaluations"
payload = json.dumps({
"event": {
"targetResource": {
"id": "{{targetResourceID}}",
"name": "Jira"
},
"ip": "156.35.85.124",
"sdk": {
"signals": {
"data": "{{signalsSdkOutput}}"
}
},
"flow": {
"type": "AUTHENTICATION",
"subtype": "ACTIVE_SESSION"
},
"session": {
"id": "{{sessionID}}"
},
"user": {
"id": "john",
"name": "John DeMock",
"type": "EXTERNAL",
"groups": [
{
"name": "dev"
},
{
"name": "sre"
}
]
},
"sharingType": "SHARED",
"browser": {
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36"
}
},
"riskPolicySet": {
"id": "{{riskPolicySetID}}",
"name": "ExamplePolicy"
}
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/riskEvaluations');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/json',
'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n "event": {\n "targetResource": {\n "id": "{{targetResourceID}}",\n "name": "Jira"\n },\n "ip": "156.35.85.124",\n "sdk": {\n "signals": {\n "data": "{{signalsSdkOutput}}"\n }\n },\n "flow": {\n "type": "AUTHENTICATION",\n "subtype": "ACTIVE_SESSION"\n },\n "session": {\n "id": "{{sessionID}}"\n },\n "user": {\n "id": "john",\n "name": "John DeMock",\n "type": "EXTERNAL",\n "groups": [\n {\n "name": "dev"\n },\n {\n "name": "sre"\n }\n ]\n },\n "sharingType": "SHARED",\n "browser": {\n "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36"\n }\n },\n "riskPolicySet": {\n "id": "{{riskPolicySetID}}",\n "name": "ExamplePolicy"\n }\n}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "json"
require "net/http"
url = URI("{{apiPath}}/environments/{{envID}}/riskEvaluations")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
"event": {
"targetResource": {
"id": "{{targetResourceID}}",
"name": "Jira"
},
"ip": "156.35.85.124",
"sdk": {
"signals": {
"data": "{{signalsSdkOutput}}"
}
},
"flow": {
"type": "AUTHENTICATION",
"subtype": "ACTIVE_SESSION"
},
"session": {
"id": "{{sessionID}}"
},
"user": {
"id": "john",
"name": "John DeMock",
"type": "EXTERNAL",
"groups": [
{
"name": "dev"
},
{
"name": "sre"
}
]
},
"sharingType": "SHARED",
"browser": {
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36"
}
},
"riskPolicySet": {
"id": "{{riskPolicySetID}}",
"name": "ExamplePolicy"
}
})
response = http.request(request)
puts response.read_bodylet parameters = "{\n \"event\": {\n \"targetResource\": {\n \"id\": \"{{targetResourceID}}\",\n \"name\": \"Jira\"\n },\n \"ip\": \"156.35.85.124\",\n \"sdk\": {\n \"signals\": {\n \"data\": \"{{signalsSdkOutput}}\"\n }\n },\n \"flow\": {\n \"type\": \"AUTHENTICATION\",\n \"subtype\": \"ACTIVE_SESSION\"\n },\n \"session\": {\n \"id\": \"{{sessionID}}\"\n },\n \"user\": {\n \"id\": \"john\",\n \"name\": \"John DeMock\",\n \"type\": \"EXTERNAL\",\n \"groups\": [\n {\n \"name\": \"dev\"\n },\n {\n \"name\": \"sre\"\n }\n ]\n },\n \"sharingType\": \"SHARED\",\n \"browser\": {\n \"userAgent\": \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36\"\n }\n },\n \"riskPolicySet\": {\n \"id\": \"{{riskPolicySetID}}\",\n \"name\": \"ExamplePolicy\"\n }\n}"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/riskEvaluations")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
201 Created
{
"_links": {
"self": {
"href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/riskEvaluations/312330d7-1514-40e4-ad4b-941acb2e2847"
},
"environment": {
"href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"event": {
"href": "https://api.pingone.eu/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/riskEvaluations/312330d7-1514-40e4-ad4b-941acb2e2847/event"
}
},
"id": "312330d7-1514-40e4-ad4b-941acb2e2847",
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"createdAt": "2025-02-04T12:05:54.572Z",
"updatedAt": "2025-02-04T12:05:54.572Z",
"event": {
"completionStatus": "IN_PROGRESS",
"targetResource": {
"id": "abd14e",
"name": "Jira"
},
"ip": "156.35.85.124",
"flow": {
"type": "AUTHENTICATION",
"subtype": "ACTIVE_SESSION"
},
"session": {
"id": "e7992c24-0df6-4c71-ad38-6950f4829290"
},
"user": {
"id": "john",
"name": "John DeMock",
"type": "EXTERNAL",
"groups": [
{
"name": "dev"
},
{
"name": "sre"
}
]
},
"sharingType": "SHARED",
"browser": {
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36"
}
},
"riskPolicySet": {
"id": "410e041d-4e40-072b-29db-f6499c81e9a0",
"name": "Default Risk Policy"
},
"result": {
"level": "LOW",
"score": 0,
"source": "AGGREGATED_SCORES",
"type": "VALUE"
},
"details": {
"ipAddressReputation": {
"score": 0,
"domain": {
"asn": 766,
"sld": "uniovi",
"tld": "es",
"organization": "universidad de oviedo",
"isp": "entidad publica empresarial red.es"
},
"level": "LOW"
},
"anonymousNetworkDetected": false,
"country": "spain",
"device": {
"id": "Id-4fc35854-7612-402f-a2ae-b3071e00898a",
"os": {
"name": "Mac OS X"
},
"browser": {
"name": "Chrome"
},
"agent": {
"id": "C23BF4F0-A3F4-7B18-93C3-844B0C02360E",
"os": {
"name": "macOS",
"version": "14.7.3"
},
"loggedInUser": {
"name": "stevesmith"
},
"version": "0.1.0",
"name": "mac-2D90R1MD",
"macAddress": [
"14-7d-da-0f-71-5e",
"5e-59-41-5c-ec-e7",
"ac-de-48-00-11-22"
]
}
},
"state": "asturias",
"city": "oviedo",
"impossibleTravel": false,
"ipVelocityByUser": {
"level": "LOW",
"threshold": {
"source": "MIN_NOT_REACHED"
},
"velocity": {
"distinctCount": 1,
"during": 3600
},
"type": "VELOCITY"
},
"userVelocityByIp": {
"level": "LOW",
"threshold": {
"source": "MIN_NOT_REACHED"
},
"velocity": {
"distinctCount": 1,
"during": 3600
},
"type": "VELOCITY"
},
"newDevice": {
"reason": "Not enough information to assess risk score",
"status": "IN_TRAINING_PERIOD",
"type": "DEVICE"
},
"ipRisk": {
"level": "LOW",
"type": "IP_REPUTATION"
},
"adversaryInTheMiddle": {
"reason": "Not enough information to assess risk score",
"status": "IN_TRAINING_PERIOD",
"type": "ADVERSARY_IN_THE_MIDDLE"
},
"trafficAnomaly": {
"level": "LOW",
"type": "TRAFFIC_ANOMALY"
},
"suspiciousDevice": {
"level": "LOW",
"type": "DEVICE"
},
"userLocationAnomaly": {
"reason": "Not enough information to assess risk score",
"status": "IN_TRAINING_PERIOD",
"type": "USER_LOCATION_ANOMALY"
},
"geoVelocity": {
"level": "LOW",
"type": "GEO_VELOCITY"
},
"botDetection": {
"level": "LOW",
"type": "BOT"
},
"userBasedRiskBehavior": {
"reason": "Not enough information to assess risk score",
"status": "IN_TRAINING_PERIOD",
"type": "USER_RISK_BEHAVIOR"
},
"anonymousNetwork": {
"level": "LOW",
"type": "ANONYMOUS_NETWORK"
},
"trustedDevice": {
"level": "LOW",
"reason": "PingID Device trust verified successfully",
"status": "TRUST_VERIFIED",
"type": "DEVICE"
}
}
}