Step 3: Create a custom resource
POST {{apiPath}}/environments/{{envID}}/resourcesResources are the protected endpoints that applications request access to using OAuth 2 authorization services. For this activity, you need to create a new custom resource. For more information about custom resources and custom scopes, refer to Custom scopes.
The POST {{apiPath}}/environments/{{envID}}/resources creates the new custom resource entity in the specified environment. The request body must specify a value for the resource entity’s name property, and the name value must be unique within the specified environment resource. If a value for the accessTokenValiditySeconds property is not set, the new resource uses the default value of 3600 seconds. If a value for the audience property is not set, the value defaults to the name of the resource.
The response returns the new resource entity’s ID, which is needed to define the resource’s scopes and to create the application’s resource access grant.
Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/environments/{{envID}}/resources' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
"name": "CustomResource_{{$timestamp}}",
"description": "This is my custom resource",
"audience": "https://api.custom-resource-{{$timestamp}}.com",
"accessTokenValiditySeconds": 7200,
"applicationPermissionsSettings": {
"claimEnabled": true
}
}'var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/resources")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@" ""name"": ""CustomResource_{{$timestamp}}""," + "\n" +
@" ""description"": ""This is my custom resource""," + "\n" +
@" ""audience"": ""https://api.custom-resource-{{$timestamp}}.com""," + "\n" +
@" ""accessTokenValiditySeconds"": 7200," + "\n" +
@" ""applicationPermissionsSettings"": {" + "\n" +
@" ""claimEnabled"": true" + "\n" +
@" }" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/environments/{{envID}}/resources"
method := "POST"
payload := strings.NewReader(`{
"name": "CustomResource_{{$timestamp}}",
"description": "This is my custom resource",
"audience": "https://api.custom-resource-{{$timestamp}}.com",
"accessTokenValiditySeconds": 7200,
"applicationPermissionsSettings": {
"claimEnabled": true
}
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Bearer {{accessToken}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /environments/{{envID}}/resources HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}
{
"name": "CustomResource_{{$timestamp}}",
"description": "This is my custom resource",
"audience": "https://api.custom-resource-{{$timestamp}}.com",
"accessTokenValiditySeconds": 7200,
"applicationPermissionsSettings": {
"claimEnabled": true
}
}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n \"name\": \"CustomResource_{{$timestamp}}\",\n \"description\": \"This is my custom resource\",\n \"audience\": \"https://api.custom-resource-{{$timestamp}}.com\",\n \"accessTokenValiditySeconds\": 7200,\n \"applicationPermissionsSettings\": {\n \"claimEnabled\": true\n }\n}");
Request request = new Request.Builder()
.url("{{apiPath}}/environments/{{envID}}/resources")
.method("POST", body)
.addHeader("Content-Type", "application/json")
.addHeader("Authorization", "Bearer {{accessToken}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/environments/{{envID}}/resources",
"method": "POST",
"timeout": 0,
"headers": {
"Content-Type": "application/json",
"Authorization": "Bearer {{accessToken}}"
},
"data": JSON.stringify({
"name": "CustomResource_{{$timestamp}}",
"description": "This is my custom resource",
"audience": "https://api.custom-resource-{{$timestamp}}.com",
"accessTokenValiditySeconds": 7200,
"applicationPermissionsSettings": {
"claimEnabled": true
}
}),
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'POST',
'url': '{{apiPath}}/environments/{{envID}}/resources',
'headers': {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
},
body: JSON.stringify({
"name": "CustomResource_{{$timestamp}}",
"description": "This is my custom resource",
"audience": "https://api.custom-resource-{{$timestamp}}.com",
"accessTokenValiditySeconds": 7200,
"applicationPermissionsSettings": {
"claimEnabled": true
}
})
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
import json
url = "{{apiPath}}/environments/{{envID}}/resources"
payload = json.dumps({
"name": "CustomResource_{{$timestamp}}",
"description": "This is my custom resource",
"audience": "https://api.custom-resource-{{$timestamp}}.com",
"accessTokenValiditySeconds": 7200,
"applicationPermissionsSettings": {
"claimEnabled": True
}
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/resources');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/json',
'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n "name": "CustomResource_{{$timestamp}}",\n "description": "This is my custom resource",\n "audience": "https://api.custom-resource-{{$timestamp}}.com",\n "accessTokenValiditySeconds": 7200,\n "applicationPermissionsSettings": {\n "claimEnabled": true\n }\n}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "json"
require "net/http"
url = URI("{{apiPath}}/environments/{{envID}}/resources")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
"name": "CustomResource_{{\$timestamp}}",
"description": "This is my custom resource",
"audience": "https://api.custom-resource-{{\$timestamp}}.com",
"accessTokenValiditySeconds": 7200,
"applicationPermissionsSettings": {
"claimEnabled": true
}
})
response = http.request(request)
puts response.read_bodylet parameters = "{\n \"name\": \"CustomResource_{{$timestamp}}\",\n \"description\": \"This is my custom resource\",\n \"audience\": \"https://api.custom-resource-{{$timestamp}}.com\",\n \"accessTokenValiditySeconds\": 7200,\n \"applicationPermissionsSettings\": {\n \"claimEnabled\": true\n }\n}"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/resources")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
201 Created
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/resources/5de5451f-47e8-44f5-946d-6d8936685704"
},
"environment": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"scopes": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/resources/5de5451f-47e8-44f5-946d-6d8936685704/scopes"
},
"attributes": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/resources/5de5451f-47e8-44f5-946d-6d8936685704/attributes"
},
"secret": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/resources/5de5451f-47e8-44f5-946d-6d8936685704/secret"
},
"applicationResources": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/resources/5de5451f-47e8-44f5-946d-6d8936685704/applicationResources"
}
},
"id": "5de5451f-47e8-44f5-946d-6d8936685704",
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"name": "CustomResource_1712950378",
"type": "CUSTOM",
"audience": "https://api.custom-resource-1712950378.com",
"description": "This is my custom resource",
"createdAt": "2024-04-12T19:32:58.526Z",
"updatedAt": "2024-04-12T19:32:58.526Z",
"accessTokenValiditySeconds": 7200,
"introspectEndpointAuthMethod": "CLIENT_SECRET_BASIC",
"applicationPermissionsSettings": {
"claimEnabled": true
}
}