Step 3: Create a passwordless sign-on policy
POST {{apiPath}}/environments/{{envID}}/signOnPoliciesYou can use the POST {{apiPath}}/environments/{{envID}}/signOnPolicies endpoint to create the new sign-on policy. In the request, the name property is required and must be unique within the environment. The description property is optional, but recommended.
The response shows the property data for the new sign-on policy. It includes an actions link to the sign-on policy actions endpoint, which is used to assign an action to the new sign-on policy. The policy must have at least one associated action before it can be assigned to an application.
Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/environments/{{envID}}/signOnPolicies' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
"name": "Passwordless_UseCasePolicy_{{$timestamp}}",
"default": "false",
"description": "A new passwordless sign-on policy (MFA-only, no password required)."
}'var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/signOnPolicies")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@" ""name"": ""Passwordless_UseCasePolicy_{{$timestamp}}""," + "\n" +
@" ""default"": ""false""," + "\n" +
@" ""description"": ""A new passwordless sign-on policy (MFA-only, no password required).""" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/environments/{{envID}}/signOnPolicies"
method := "POST"
payload := strings.NewReader(`{
"name": "Passwordless_UseCasePolicy_{{$timestamp}}",
"default": "false",
"description": "A new passwordless sign-on policy (MFA-only, no password required)."
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Bearer {{accessToken}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /environments/{{envID}}/signOnPolicies HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}
{
"name": "Passwordless_UseCasePolicy_{{$timestamp}}",
"default": "false",
"description": "A new passwordless sign-on policy (MFA-only, no password required)."
}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n \"name\": \"Passwordless_UseCasePolicy_{{$timestamp}}\",\n \"default\": \"false\",\n \"description\": \"A new passwordless sign-on policy (MFA-only, no password required).\"\n}");
Request request = new Request.Builder()
.url("{{apiPath}}/environments/{{envID}}/signOnPolicies")
.method("POST", body)
.addHeader("Content-Type", "application/json")
.addHeader("Authorization", "Bearer {{accessToken}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/environments/{{envID}}/signOnPolicies",
"method": "POST",
"timeout": 0,
"headers": {
"Content-Type": "application/json",
"Authorization": "Bearer {{accessToken}}"
},
"data": JSON.stringify({
"name": "Passwordless_UseCasePolicy_{{$timestamp}}",
"default": "false",
"description": "A new passwordless sign-on policy (MFA-only, no password required)."
}),
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'POST',
'url': '{{apiPath}}/environments/{{envID}}/signOnPolicies',
'headers': {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
},
body: JSON.stringify({
"name": "Passwordless_UseCasePolicy_{{$timestamp}}",
"default": "false",
"description": "A new passwordless sign-on policy (MFA-only, no password required)."
})
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
import json
url = "{{apiPath}}/environments/{{envID}}/signOnPolicies"
payload = json.dumps({
"name": "Passwordless_UseCasePolicy_{{$timestamp}}",
"default": "false",
"description": "A new passwordless sign-on policy (MFA-only, no password required)."
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/signOnPolicies');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/json',
'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n "name": "Passwordless_UseCasePolicy_{{$timestamp}}",\n "default": "false",\n "description": "A new passwordless sign-on policy (MFA-only, no password required)."\n}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "json"
require "net/http"
url = URI("{{apiPath}}/environments/{{envID}}/signOnPolicies")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
"name": "Passwordless_UseCasePolicy_{{\$timestamp}}",
"default": "false",
"description": "A new passwordless sign-on policy (MFA-only, no password required)."
})
response = http.request(request)
puts response.read_bodylet parameters = "{\n \"name\": \"Passwordless_UseCasePolicy_{{$timestamp}}\",\n \"default\": \"false\",\n \"description\": \"A new passwordless sign-on policy (MFA-only, no password required).\"\n}"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/signOnPolicies")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
201 Created
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/signOnPolicies/e292f286-7ce1-4e78-b9a8-246dcf0990da"
},
"environment": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"actions": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/signOnPolicies/e292f286-7ce1-4e78-b9a8-246dcf0990da/actions"
}
},
"id": "e292f286-7ce1-4e78-b9a8-246dcf0990da",
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"name": "Passwordless_UseCasePolicy_1776884609",
"description": "A new passwordless sign-on policy (MFA-only, no password required).",
"default": false
}