PingOne Platform APIs

DaVinci Flow Execution Registration

You need to begin in DaVinci, and create the DaVinci application, the DaVinci flow (designated as a PingOne flow), and the flow policy on the application. Refer to How to create a flow for instructions. You’ll need the DaVinci flow policy ID to define the PingOne application’s flow policy assignment property.

DaVinci flow settings configuration

DaVinci flows invoked using a PingOne authorize request require special configuration. In DaVinci, when you create your flow, on the flow’s Settings screen, you must toggle on the PingOne Flow property located on the General tab.

PingOne DaVinci flow

Setting this property indicates that the flow is a PingOne flow, enabling it to be included in PingOne flow policies and launched directly from PingOne.

PingOne endpoints

This activity shows you how to create a PingOne application, find and associate a DaVinci flow policy with the application, and initiate the flow using a PingOne authorize request. The authorize request sets the response_mode property to pi.flow, which tells the authorization server to return data, instead of a redirect URL. In addition, the authorize request and the DaVinci flow requests set the X-Requested-With HTTP header with a value of ping-sdk to return JSON instead of HTML (and scripts).

For information on setting a DaVinci flow to take advantage of this configuration option, refer to Launching a flow with a Ping SDK.

This scenario illustrates the following common operations supported by the PingOne APIs:

  • Create the application.

  • Assign a DaVinci flow policy to the application.

  • Create the PingOne authorize request.

  • Create the DaVinci flow requests to manage the registration workflow and get the session token.

To create the application and flow policy, the following tasks must be completed successfully:

  1. Make a POST request to /environments/{{envID}}/applications to add a new application to the specified environment.

  2. Make a GET request to /environments/{{envID}}/flowPolicies to return the list of DaVinci flow policies that can be associated with the PingOne application.

  3. Make a POST request to /environments/{{envID}}/applications/{{appID}}/flowPolicyAssignments to assign a DaVinci flow policy to the application.

  4. Make a GET request to /{{envID}}/as/authorize to obtain an authorization grant. This request starts the authorization flow using the DaVinci flow policy you assigned to the PingOne application.

  5. Make a POST request to {{envID}}/davinci/connections/{{connectionID}}/capabilities/{{capabilityName}} to initiate the registration flow.

  6. Make a POST request to {{envID}}/davinci/connections/{{connectionID}}/capabilities/{{capabilityName}} to submit the new user account information.

  7. Make a POST request to {{envID}}/davinci/connections/{{connectionID}}/capabilities/{{capabilityName}} to submit the passcode to verify the new user account.

  8. Make a POST request to {{envID}}/davinci/connections/{{connectionID}}/capabilities/{{capabilityName}} to get the PingOne session token.

Click the Run in Postman button below to fork, or download and import, the Postman collection for this workflow to your workspace.

Run in Postman