PingOne Platform APIs

Step 4: Send a PingOne authorization request

POST {{authPath}}/{{envID}}/as/authorize

This example shows the GET /{{envID}}/as/authorize operation to send an authorization request to the PingOne authorization server.

For authorization and flow requests, the PingOne endpoint domain is https://auth.pingone.com/ for North America.

In this request:

  • {{envID}} represents your environment ID.

  • response_mode must be set to pi.flow to specify that this is a non-redirect flow.

  • response_type here has a value of code. In other cases, it can be token, id_token, or a combination of these.

  • client_id is the ID of the PingOne application that you created in a prior step.

  • redirect_uri identifies the redirect URI that you specified when you created the PingOne application.

  • scope specifies the OpenID Connect (OIDC) user claims are included in the token.

  • The request returns a 200 message when successful. The response body returns JSON instead of HTML.

To return JSON instead of HTML in the authorization response, this request includes an optional X-Requested-With HTTP header with its value set to ping-sdk.

Headers

Content-Type      application/x-www-form-urlencoded

X-Requested-With      ping-sdk

Body

urlencoded ( application/x-www-form-urlencoded )

Key Value

response_type

code

client_id

{{dvRegPiFlowAppID}}

redirect_uri

http://localhost:3000/login/callback

scope

openid

response_mode

pi.flow

Example Request

  • cURL

  • C#

  • Go

  • HTTP

  • Java

  • jQuery

  • NodeJS

  • Python

  • PHP

  • Ruby

  • Swift

curl --location --globoff '{{authPath}}/{{envID}}/as/authorize' \
--header 'X-Requested-With: ping-sdk' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'response_type=code' \
--data-urlencode 'client_id={{dvRegPiFlowAppID}}' \
--data-urlencode 'redirect_uri=http://localhost:3000/login/callback' \
--data-urlencode 'scope=openid' \
--data-urlencode 'response_mode=pi.flow'
var options = new RestClientOptions("{{authPath}}/{{envID}}/as/authorize")
{
  MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("X-Requested-With", "ping-sdk");
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
request.AddParameter("response_type", "code");
request.AddParameter("client_id", "{{dvRegPiFlowAppID}}");
request.AddParameter("redirect_uri", "http://localhost:3000/login/callback");
request.AddParameter("scope", "openid");
request.AddParameter("response_mode", "pi.flow");
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);
package main

import (
  "fmt"
  "strings"
  "net/http"
  "io"
)

func main() {

  url := "{{authPath}}/{{envID}}/as/authorize"
  method := "POST"

  payload := strings.NewReader("response_type=code&client_id=%7B%7BdvRegPiFlowAppID%7D%7D&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Flogin%2Fcallback&scope=openid&response_mode=pi.flow")

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("X-Requested-With", "ping-sdk")
  req.Header.Add("Content-Type", "application/x-www-form-urlencoded")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}
POST /{{envID}}/as/authorize HTTP/1.1
Host: {{authPath}}
X-Requested-With: ping-sdk
Content-Type: application/x-www-form-urlencoded

response_type=code&client_id=%7B%7BdvRegPiFlowAppID%7D%7D&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Flogin%2Fcallback&scope=openid&response_mode=pi.flow
OkHttpClient client = new OkHttpClient().newBuilder()
  .build();
MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");
RequestBody body = RequestBody.create(mediaType, "response_type=code&client_id={{dvRegPiFlowAppID}}&redirect_uri=http://localhost:3000/login/callback&scope=openid&response_mode=pi.flow");
Request request = new Request.Builder()
  .url("{{authPath}}/{{envID}}/as/authorize")
  .method("POST", body)
  .addHeader("X-Requested-With", "ping-sdk")
  .addHeader("Content-Type", "application/x-www-form-urlencoded")
  .build();
Response response = client.newCall(request).execute();
var settings = {
  "url": "{{authPath}}/{{envID}}/as/authorize",
  "method": "POST",
  "timeout": 0,
  "headers": {
    "X-Requested-With": "ping-sdk",
    "Content-Type": "application/x-www-form-urlencoded"
  },
  "data": {
    "response_type": "code",
    "client_id": "{{dvRegPiFlowAppID}}",
    "redirect_uri": "http://localhost:3000/login/callback",
    "scope": "openid",
    "response_mode": "pi.flow"
  }
};

$.ajax(settings).done(function (response) {
  console.log(response);
});
var request = require('request');
var options = {
  'method': 'POST',
  'url': '{{authPath}}/{{envID}}/as/authorize',
  'headers': {
    'X-Requested-With': 'ping-sdk',
    'Content-Type': 'application/x-www-form-urlencoded'
  },
  form: {
    'response_type': 'code',
    'client_id': '{{dvRegPiFlowAppID}}',
    'redirect_uri': 'http://localhost:3000/login/callback',
    'scope': 'openid',
    'response_mode': 'pi.flow'
  }
};
request(options, function (error, response) {
  if (error) throw new Error(error);
  console.log(response.body);
});
import requests

url = "{{authPath}}/{{envID}}/as/authorize"

payload = 'response_type=code&client_id=%7B%7BdvRegPiFlowAppID%7D%7D&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Flogin%2Fcallback&scope=openid&response_mode=pi.flow'
headers = {
  'X-Requested-With': 'ping-sdk',
  'Content-Type': 'application/x-www-form-urlencoded'
}

response = requests.request("POST", url, headers=headers, data=payload)

print(response.text)
<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{authPath}}/{{envID}}/as/authorize');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
  'follow_redirects' => TRUE
));
$request->setHeader(array(
  'X-Requested-With' => 'ping-sdk',
  'Content-Type' => 'application/x-www-form-urlencoded'
));
$request->addPostParameter(array(
  'response_type' => 'code',
  'client_id' => '{{dvRegPiFlowAppID}}',
  'redirect_uri' => 'http://localhost:3000/login/callback',
  'scope' => 'openid',
  'response_mode' => 'pi.flow'
));
try {
  $response = $request->send();
  if ($response->getStatus() == 200) {
    echo $response->getBody();
  }
  else {
    echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
    $response->getReasonPhrase();
  }
}
catch(HTTP_Request2_Exception $e) {
  echo 'Error: ' . $e->getMessage();
}
require "uri"
require "net/http"

url = URI("{{authPath}}/{{envID}}/as/authorize")

http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["X-Requested-With"] = "ping-sdk"
request["Content-Type"] = "application/x-www-form-urlencoded"
request.body = "response_type=code&client_id=%7B%7BdvRegPiFlowAppID%7D%7D&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Flogin%2Fcallback&scope=openid&response_mode=pi.flow"

response = http.request(request)
puts response.read_body
let parameters = "response_type=code&client_id=%7B%7BdvRegPiFlowAppID%7D%7D&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Flogin%2Fcallback&scope=openid&response_mode=pi.flow"
let postData =  parameters.data(using: .utf8)

var request = URLRequest(url: URL(string: "{{authPath}}/{{envID}}/as/authorize")!,timeoutInterval: Double.infinity)
request.addValue("ping-sdk", forHTTPHeaderField: "X-Requested-With")
request.addValue("application/x-www-form-urlencoded", forHTTPHeaderField: "Content-Type")

request.httpMethod = "POST"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in
  guard let data = data else {
    print(String(describing: error))
    return
  }
  print(String(data: data, encoding: .utf8)!)
}

task.resume()

Example Response

200 OK

{
    "interactionId": "03719c2e-f0b0-4ff8-9ed2-6edbc1677646",
    "companyId": "abcdba86-d36e-413e-85b4-ee499a5cea55",
    "connectionId": "867ed4363b2bc21c860085ad2baa817d",
    "connectorId": "api",
    "id": "65u7m8cm28",
    "capabilityName": "customHTMLTemplate",
    "_links": {
        "next": {
            "href": "https://auth.pingone.com/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/davinci/connections/867ed4363b2bc21c860085ad2baa817d/capabilities/customHTMLTemplate"
        },
        "self": {
            "href": "https://auth.pingone.com/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/davinci/policy/f34a5cc285f96ffd8e212a459b0d9134/start"
        }
    },
    "eventName": "continue",
    "isResponseCompatibleWithMobileAndWebSdks": true,
    "flowId": "f49c54791bb78dc656d34e6ff38f6ffc",
    "formData": {
        "value": {
            "username": "",
            "password": ""
        }
    },
    "form": {
        "name": "Sign On",
        "description": "Enter username and password",
        "category": "CUSTOM_HTML",
        "components": {
            "fields": [
                {
                    "type": "TEXT",
                    "key": "username",
                    "label": "Username"
                },
                {
                    "type": "PASSWORD",
                    "key": "password",
                    "label": "Password"
                },
                {
                    "type": "SUBMIT_BUTTON",
                    "label": "Sign On",
                    "key": "SIGNON"
                },
                {
                    "type": "FLOW_BUTTON",
                    "label": "No account? Register now!",
                    "key": "REGISTER",
                    "inputType": "ACTION"
                },
                {
                    "type": "FLOW_BUTTON",
                    "label": "Having trouble signing on?",
                    "key": "TROUBLE",
                    "inputType": "ACTION"
                }
            ]
        }
    },
    "interactionToken": "b58cb10586c415b74...",
    "success": true,
    "startUiSubFlow": true
}