Step 1: Create an OpenID Connect (OIDC) application
POST {{apiPath}}/environments/{{envID}}/applicationsYou can use the POST {{apiPath}}/environments/{{envID}}/applications endpoint to create the new application. The application’s protocol property is required, and in this example it specifies an OPENID_CONNECT application.
The response data returns information about the new application, including its id property, which identifies the UUID for this application resource. The application’s UUID (shown below) is required in the next step to get the application’s secret.
{
"id": "4c2205d9-f3e4-4d6b-a83d-c754d46e329a"
}Body
raw ( application/json )
{
"name": "AppWithCodeGrant_{{$timestamp}}",
"enabled": true,
"type": "WEB_APP",
"protocol": "OPENID_CONNECT",
"responseTypes": [
"CODE"
],
"grantTypes": [
"AUTHORIZATION_CODE"
],
"tokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",
"postLogoutRedirectUris": [
"https://www.example.com"
],
"redirectUris": [
"https://www.example.com"
]
}Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/environments/{{envID}}/applications' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
"name": "AppWithCodeGrant_{{$timestamp}}",
"enabled": true,
"type": "WEB_APP",
"protocol": "OPENID_CONNECT",
"responseTypes": [
"CODE"
],
"grantTypes": [
"AUTHORIZATION_CODE"
],
"tokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",
"postLogoutRedirectUris": [
"https://www.example.com"
],
"redirectUris": [
"https://www.example.com"
]
}'var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/applications")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@" ""name"": ""AppWithCodeGrant_{{$timestamp}}""," + "\n" +
@" ""enabled"": true," + "\n" +
@" ""type"": ""WEB_APP""," + "\n" +
@" ""protocol"": ""OPENID_CONNECT""," + "\n" +
@" ""responseTypes"": [" + "\n" +
@" ""CODE""" + "\n" +
@" ]," + "\n" +
@" ""grantTypes"": [" + "\n" +
@" ""AUTHORIZATION_CODE""" + "\n" +
@" ]," + "\n" +
@" ""tokenEndpointAuthMethod"": ""CLIENT_SECRET_BASIC""," + "\n" +
@" ""postLogoutRedirectUris"": [" + "\n" +
@" ""https://www.example.com""" + "\n" +
@" ]," + "\n" +
@" ""redirectUris"": [" + "\n" +
@" ""https://www.example.com""" + "\n" +
@" ]" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/environments/{{envID}}/applications"
method := "POST"
payload := strings.NewReader(`{
"name": "AppWithCodeGrant_{{$timestamp}}",
"enabled": true,
"type": "WEB_APP",
"protocol": "OPENID_CONNECT",
"responseTypes": [
"CODE"
],
"grantTypes": [
"AUTHORIZATION_CODE"
],
"tokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",
"postLogoutRedirectUris": [
"https://www.example.com"
],
"redirectUris": [
"https://www.example.com"
]
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Bearer {{accessToken}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /environments/{{envID}}/applications HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}
{
"name": "AppWithCodeGrant_{{$timestamp}}",
"enabled": true,
"type": "WEB_APP",
"protocol": "OPENID_CONNECT",
"responseTypes": [
"CODE"
],
"grantTypes": [
"AUTHORIZATION_CODE"
],
"tokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",
"postLogoutRedirectUris": [
"https://www.example.com"
],
"redirectUris": [
"https://www.example.com"
]
}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n \"name\": \"AppWithCodeGrant_{{$timestamp}}\",\n \"enabled\": true,\n \"type\": \"WEB_APP\",\n \"protocol\": \"OPENID_CONNECT\",\n \"responseTypes\": [\n \"CODE\"\n ],\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\"\n ],\n \"tokenEndpointAuthMethod\": \"CLIENT_SECRET_BASIC\",\n \"postLogoutRedirectUris\": [\n \"https://www.example.com\"\n ],\n \"redirectUris\": [\n \"https://www.example.com\"\n ]\n}");
Request request = new Request.Builder()
.url("{{apiPath}}/environments/{{envID}}/applications")
.method("POST", body)
.addHeader("Content-Type", "application/json")
.addHeader("Authorization", "Bearer {{accessToken}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/environments/{{envID}}/applications",
"method": "POST",
"timeout": 0,
"headers": {
"Content-Type": "application/json",
"Authorization": "Bearer {{accessToken}}"
},
"data": JSON.stringify({
"name": "AppWithCodeGrant_{{$timestamp}}",
"enabled": true,
"type": "WEB_APP",
"protocol": "OPENID_CONNECT",
"responseTypes": [
"CODE"
],
"grantTypes": [
"AUTHORIZATION_CODE"
],
"tokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",
"postLogoutRedirectUris": [
"https://www.example.com"
],
"redirectUris": [
"https://www.example.com"
]
}),
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'POST',
'url': '{{apiPath}}/environments/{{envID}}/applications',
'headers': {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
},
body: JSON.stringify({
"name": "AppWithCodeGrant_{{$timestamp}}",
"enabled": true,
"type": "WEB_APP",
"protocol": "OPENID_CONNECT",
"responseTypes": [
"CODE"
],
"grantTypes": [
"AUTHORIZATION_CODE"
],
"tokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",
"postLogoutRedirectUris": [
"https://www.example.com"
],
"redirectUris": [
"https://www.example.com"
]
})
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
import json
url = "{{apiPath}}/environments/{{envID}}/applications"
payload = json.dumps({
"name": "AppWithCodeGrant_{{$timestamp}}",
"enabled": True,
"type": "WEB_APP",
"protocol": "OPENID_CONNECT",
"responseTypes": [
"CODE"
],
"grantTypes": [
"AUTHORIZATION_CODE"
],
"tokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",
"postLogoutRedirectUris": [
"https://www.example.com"
],
"redirectUris": [
"https://www.example.com"
]
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/applications');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/json',
'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n "name": "AppWithCodeGrant_{{$timestamp}}",\n "enabled": true,\n "type": "WEB_APP",\n "protocol": "OPENID_CONNECT",\n "responseTypes": [\n "CODE"\n ],\n "grantTypes": [\n "AUTHORIZATION_CODE"\n ],\n "tokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",\n "postLogoutRedirectUris": [\n "https://www.example.com"\n ],\n "redirectUris": [\n "https://www.example.com"\n ]\n}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "json"
require "net/http"
url = URI("{{apiPath}}/environments/{{envID}}/applications")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
"name": "AppWithCodeGrant_{{\$timestamp}}",
"enabled": true,
"type": "WEB_APP",
"protocol": "OPENID_CONNECT",
"responseTypes": [
"CODE"
],
"grantTypes": [
"AUTHORIZATION_CODE"
],
"tokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",
"postLogoutRedirectUris": [
"https://www.example.com"
],
"redirectUris": [
"https://www.example.com"
]
})
response = http.request(request)
puts response.read_bodylet parameters = "{\n \"name\": \"AppWithCodeGrant_{{$timestamp}}\",\n \"enabled\": true,\n \"type\": \"WEB_APP\",\n \"protocol\": \"OPENID_CONNECT\",\n \"responseTypes\": [\n \"CODE\"\n ],\n \"grantTypes\": [\n \"AUTHORIZATION_CODE\"\n ],\n \"tokenEndpointAuthMethod\": \"CLIENT_SECRET_BASIC\",\n \"postLogoutRedirectUris\": [\n \"https://www.example.com\"\n ],\n \"redirectUris\": [\n \"https://www.example.com\"\n ]\n}"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/applications")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
201 Created
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/applications/2c78cdc9-aaf0-42d2-97b2-4d4b00bbdf43"
},
"environment": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"attributes": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/applications/2c78cdc9-aaf0-42d2-97b2-4d4b00bbdf43/attributes"
},
"secret": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/applications/2c78cdc9-aaf0-42d2-97b2-4d4b00bbdf43/secret"
},
"grants": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/applications/2c78cdc9-aaf0-42d2-97b2-4d4b00bbdf43/grants"
}
},
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"id": "2c78cdc9-aaf0-42d2-97b2-4d4b00bbdf43",
"name": "AppWithCodeGrant",
"enabled": true,
"type": "WEB_APP",
"protocol": "OPENID_CONNECT",
"createdAt": "2021-03-30T16:46:50.396Z",
"updatedAt": "2021-03-30T16:46:50.396Z",
"assignActorRoles": false,
"responseTypes": [
"CODE"
],
"grantTypes": [
"AUTHORIZATION_CODE"
],
"tokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",
"pkceEnforcement": "OPTIONAL",
"postLogoutRedirectUris": [
"https://www.example.com"
],
"redirectUris": [
"https://www.example.com"
]
}