PingOne Platform APIs

The PingOne Postman environment template

Our Postman collections use variables in the request URLs to specify the UUIDs for PingOne resources. When you click the Run in Postman button for a collection, these environment variables are included in your download or fork. Use these environment variables as a template to assign your PingOne resource UUIDs with the common variables used in many of the requests.

For more information about using Postman environments, refer to the following topic in the Postman documentation: Environments in Postman.

POST requests in the PingOne Verify API Postman collections that create a resource and return a resource ID include a Postman script. This script automatically adds a resource variable to your active Postman environment, and uses the newly created ID as the value.

For example, the following request creates a new Verify variable. This request URL contains variables for the API path and environment ID:

POST {{apiPath}}/environments/{{envID}}/variables
[source]

To run this request, you must ensure the {{apiPath}} in the Postman environment template has the regional top-level domain (TLD) associated with your organization. Refer to Variables you must value for more information.

The Postman environment template has initial values for the path variables: {{apiPath}}, {{authPath}}, {{orchestratePath}}, and {{scimPath}} that rely on the {{tld}} variable. This {{tld}} variable has an initial value of com as the TLD. If you are outside the United States, refer to PingOne API domains for the TLD to use for your region.

Almost every request in PingOne requires an environment ID. If you are working primarily in one environment for testing purposes, you’ll want to add your environment’s UUID to your active Postman environment as the value for the {{envID}} variable.

Requests to PingOne Management API endpoints require a valid access token to authenticate the request. In the PingOne Postman collections, the token value is represented in the Postman environment template as the variable {{accessToken}}.

With the {{tld}} and {{envID}} variables defined in your Postman template, and with a valid token value defined in the {{accessToken}} variable, you can run the request shown above:

POST {{apiPath}}/environments/{{envID}}/variables

If the request is successful, Postman adds a {{variableID}} variable to the current Postman environment automatically, and associates the new user’s id property value (the UUID of the new user) with this variable.

Notes about environment variables and security

It’s important to understand how Postman allows you to Store and reuse values using variables. Postman has two values for each environment variable: an Initial value and a Current value. You’ll want to pay particular attention to differences between Initial and current values. Initial values are saved to Postman’s cloud, and available to anyone who has access to the environment. Current values are saved only locally and available only to you. Postman uses only the current value in requests. If an environment variable has an initial value but no current value, Postman doesn’t copy it to the current value or use the initial value in the request, the request simply fails. In this case, you need to manually copy the initial value to the current value.

When you create a new variable with an initial value and save the environment, Postman autofills the current value. However, that is the only time that Postman autofills the current value. If you subsequently delete the current value, the variable is no longer valued in a request.

Saving initial values to the Postman cloud impacts security. These initial values are available to anyone who has access to the workspace. If a workspace is public, you have a security issue.

Postman’s recommended solution to exposing secrets is to Store secrets in your Postman Vault. Remember that Postman uses only current values in requests.

Variables you must value

When you download or fork a PingOne Postman collection, your workspace receives a set of Postman environment variables for you to use as a template. The variables that represent a resource in PingOne automatically receive a value when you create a new PingOne resource using Postman. Our script associated with the request (shown on the request’s Scripts tab) inserts the identifier of the resource it creates as the value of the variable associated with that resource. However, some variables essential to using Postman with PingOne do not have their values inserted automatically. You must manually add the correct value to these variables before making any requests in Postman:

Postman variable PingOne resource

adminAppID

The Client ID of the Worker app you created Create an admin Worker app connection.

adminAppSecret

The Client Secret of the Worker app created.

adminEnvID

The ID for the environment in which your Worker app resides.

envID

The ID for the environment in which you are running your Postman API requests.

orgID

The ID for your organization. In the PingOne admin console, select Environment and click Properties to view your organization ID.

tld

The top-level domain to use for your environment. This is used in URLs containing apiPath, authPath, orchestratePath, and scimPath.

apiPath

The regional domain for the PingOne management server (https://api.pingone.{{tld}}/v1).

authPath

The regional domain for the PingOne authorization and authentication server (https://auth.pingone.{{tld}}).

orchestratePath

The regional domain for the PingOne DaVinci management server (https://orchestrate-api.pingone.{{tld}}/v1).

scimPath

The regional domain for the PingOne SCIM management server (https://scim-api.pingone.{{tld}}).