Step 4: Create the new sign-on policy
POST {{apiPath}}/environments/{{envID}}/signOnPolicies
You can use the POST {{apiPath}}/environments/{{envID}}/signOnPolicies endpoint to create the new sign-on policy.
In the request, the `name` property is required and must be unique within the environment. The `description` property is optional but recommended. The `default` property is optional; set it only if you want this sign-on policy to be the default policy for all applications in the environment. If the request omits this property, its value is automatically set to false.
The response includes an actions link to the sign-on policy actions endpoint, which is used to assign an action to the new sign-on policy. The policy must have at least one associated action before it can be assigned to an application.
Example Request
# Create the sign-on policy by POSTing a JSON body ("name" is required,
# "description" is optional) to the signOnPolicies endpoint.
#   -L  follow redirects
#   -g  switch off URL globbing so the braces in the {{...}} placeholders are taken literally
# The bearer token is passed as a command-line argument here, which leaves it in
# shell history and visible in the local process list; curl can read headers
# from a file instead (-H @file).
curl -L -g \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer {{accessToken}}' \
  -d '{
"name": "UseCaseSAMLIdPPolicy_{{$timestamp}}",
"description": "A sign-on policy for a SAML identity provider."
}' \
  '{{apiPath}}/environments/{{envID}}/signOnPolicies'
// Client bound to the signOnPolicies collection of the target environment.
// NOTE(review): MaxTimeout = -1 presumably disables the client-side timeout;
// confirm against the RestSharp version in use.
var client = new RestClient(
    new RestClientOptions("{{apiPath}}/environments/{{envID}}/signOnPolicies")
    {
        MaxTimeout = -1,
    });

// JSON payload: "name" is required, "description" is optional.
var body = string.Join("\n",
    "{",
    @" ""name"": ""UseCaseSAMLIdPPolicy_{{$timestamp}}"",",
    @" ""description"": ""A sign-on policy for a SAML identity provider.""",
    "}");

// The POST carries the JSON body and the bearer token that authorizes the call.
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
request.AddStringBody(body, DataFormat.Json);

// Send the request and print whatever body the API returned.
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);
package main
import (
"fmt"
"strings"
"net/http"
"io"
)
// main POSTs the new sign-on policy to the signOnPolicies endpoint and prints
// the raw response body. Any error is printed and ends the program early.
func main() {
	const endpoint = "{{apiPath}}/environments/{{envID}}/signOnPolicies"

	// JSON payload: "name" is required, "description" is optional.
	policy := strings.NewReader(`{
"name": "UseCaseSAMLIdPPolicy_{{$timestamp}}",
"description": "A sign-on policy for a SAML identity provider."
}`)

	req, err := http.NewRequest(http.MethodPost, endpoint, policy)
	if err != nil {
		fmt.Println(err)
		return
	}
	req.Header.Add("Content-Type", "application/json")
	req.Header.Add("Authorization", "Bearer {{accessToken}}")

	// A zero-value http.Client has no timeout, so this call waits as long as
	// the server takes to answer.
	httpClient := &http.Client{}
	resp, err := httpClient.Do(req)
	if err != nil {
		fmt.Println(err)
		return
	}
	defer resp.Body.Close()

	raw, err := io.ReadAll(resp.Body)
	if err != nil {
		fmt.Println(err)
		return
	}
	fmt.Println(string(raw))
}
POST /environments/{{envID}}/signOnPolicies HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}
{
"name": "UseCaseSAMLIdPPolicy_{{$timestamp}}",
"description": "A sign-on policy for a SAML identity provider."
}
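// Build the HTTP client and the JSON payload ("name" is required,
// "description" is optional).
OkHttpClient client = new OkHttpClient().newBuilder()
    .build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n \"name\": \"UseCaseSAMLIdPPolicy_{{$timestamp}}\",\n \"description\": \"A sign-on policy for a SAML identity provider.\"\n}");

// POST to the signOnPolicies collection; the bearer token authorizes the call.
Request request = new Request.Builder()
    .url("{{apiPath}}/environments/{{envID}}/signOnPolicies")
    .method("POST", body)
    .addHeader("Content-Type", "application/json")
    .addHeader("Authorization", "Bearer {{accessToken}}")
    .build();

// try-with-resources closes the Response, which otherwise keeps its
// connection and body stream open. The body is printed so the result of the
// call (201 Created on success) is visible.
try (Response response = client.newCall(request).execute()) {
    System.out.println(response.body().string());
}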
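// Request settings for creating the sign-on policy. "name" is required and
// "description" is optional. timeout: 0 means jQuery applies no timeout.
// The bearer token authorizes environment configuration changes, so it should
// not be embedded in page source that is served to end users.
const settings = {
  url: "{{apiPath}}/environments/{{envID}}/signOnPolicies",
  method: "POST",
  timeout: 0,
  headers: {
    "Content-Type": "application/json",
    Authorization: "Bearer {{accessToken}}",
  },
  data: JSON.stringify({
    name: "UseCaseSAMLIdPPolicy_{{$timestamp}}",
    description: "A sign-on policy for a SAML identity provider.",
  }),
};

$.ajax(settings)
  .done(function (response) {
    console.log(response);
  })
  // Without a failure handler a rejected request (for example an expired
  // token or a duplicate policy name) would go unreported.
  .fail(function (jqXHR, textStatus, errorThrown) {
    console.error(
      `Sign-on policy request failed: ${jqXHR.status} ${textStatus}`,
      errorThrown,
    );
  });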
var request = require('request');
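// Request options for creating the sign-on policy. "name" is required and
// "description" is optional.
const options = {
  method: 'POST',
  url: '{{apiPath}}/environments/{{envID}}/signOnPolicies',
  headers: {
    'Content-Type': 'application/json',
    Authorization: 'Bearer {{accessToken}}',
  },
  body: JSON.stringify({
    name: 'UseCaseSAMLIdPPolicy_{{$timestamp}}',
    description: 'A sign-on policy for a SAML identity provider.',
  }),
};

request(options, function (error, response) {
  // Rethrow the original error object; wrapping it in new Error(error)
  // would stringify it and drop its stack and error code.
  if (error) throw error;

  // The API answers 201 Created on success; flag anything else so an error
  // body is not mistaken for the created policy.
  if (response.statusCode !== 201) {
    console.error(`Unexpected HTTP status: ${response.statusCode}`);
  }
  console.log(response.body);
});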
import requests
import json
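# Endpoint for the sign-on policies collection of the target environment.
url = "{{apiPath}}/environments/{{envID}}/signOnPolicies"

# JSON payload: "name" is required, "description" is optional.
payload = json.dumps({
    "name": "UseCaseSAMLIdPPolicy_{{$timestamp}}",
    "description": "A sign-on policy for a SAML identity provider."
})
headers = {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer {{accessToken}}'
}

# requests applies no timeout unless one is given, so an unresponsive server
# would block this call indefinitely; bound it explicitly (seconds).
response = requests.request("POST", url, headers=headers, data=payload, timeout=30)

# The API answers 201 Created with the new policy as JSON.
print(response.text)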
<?php
require_once 'HTTP/Request2.php';
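// Create the sign-on policy by POSTing a JSON body to the signOnPolicies endpoint.
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/signOnPolicies');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
    'follow_redirects' => TRUE
));
$request->setHeader(array(
    'Content-Type' => 'application/json',
    'Authorization' => 'Bearer {{accessToken}}'
));
// Build the body with json_encode: a single-quoted PHP string does not expand
// \n, so a hand-written '{\n ...}' literal would put backslash-n sequences
// between the JSON tokens and produce an invalid document.
// "name" is required, "description" is optional.
$request->setBody(json_encode(array(
    'name' => 'UseCaseSAMLIdPPolicy_{{$timestamp}}',
    'description' => 'A sign-on policy for a SAML identity provider.'
)));
try {
    $response = $request->send();
    // A successful create returns 201 Created, not 200.
    if ($response->getStatus() == 201) {
        echo $response->getBody();
    }
    else {
        echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
            $response->getReasonPhrase();
    }
}
catch(HTTP_Request2_Exception $e) {
    echo 'Error: ' . $e->getMessage();
}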
require "uri"
require "json"
require "net/http"
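# Endpoint for the sign-on policies collection of the target environment.
url = URI("{{apiPath}}/environments/{{envID}}/signOnPolicies")

http = Net::HTTP.new(url.host, url.port)
# Net::HTTP speaks plain HTTP unless use_ssl is set, even on port 443. Enable
# TLS for https endpoints so the bearer token is not written to the socket
# unencrypted.
http.use_ssl = (url.scheme == "https")

# The POST carries the JSON body and the bearer token that authorizes the call.
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
# JSON payload: "name" is required, "description" is optional.
request.body = JSON.dump({
  "name": "UseCaseSAMLIdPPolicy_{{\$timestamp}}",
  "description": "A sign-on policy for a SAML identity provider."
})

# Send the request and print the response body.
response = http.request(request)
puts response.read_body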
// JSON payload: "name" is required, "description" is optional.
let jsonBody = "{\n \"name\": \"UseCaseSAMLIdPPolicy_{{$timestamp}}\",\n \"description\": \"A sign-on policy for a SAML identity provider.\"\n}"

// POST to the signOnPolicies collection. An infinite timeoutInterval means the
// request never times out on the client side.
var request = URLRequest(
    url: URL(string: "{{apiPath}}/environments/{{envID}}/signOnPolicies")!,
    timeoutInterval: Double.infinity
)
request.httpMethod = "POST"
request.httpBody = jsonBody.data(using: .utf8)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")

// Print the response body as UTF-8 text, or the error when no data came back.
let task = URLSession.shared.dataTask(with: request) { data, _, error in
    if let payload = data {
        print(String(data: payload, encoding: .utf8)!)
    } else {
        print(String(describing: error))
    }
}
task.resume()
Example Response
201 Created
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/signOnPolicies/1c1170ad-436d-4d6f-9e11-0a0cc4f5c7b9"
},
"environment": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"actions": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/signOnPolicies/1c1170ad-436d-4d6f-9e11-0a0cc4f5c7b9/actions"
}
},
"id": "1c1170ad-436d-4d6f-9e11-0a0cc4f5c7b9",
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"name": "UseCaseSAMLIdPPolicy",
"description": "A sign-on policy for a SAML identity provider.",
"default": false
}