---
title: Create a Risk Evaluation
description: This activity shows you how to create a new risk evaluation. This scenario illustrates the following common operations supported by the PingOne APIs:
component: pingone-api
page_id: pingone-api:workflow-library:pingone-protect/create-a-risk-evaluation
canonical_url: https://developer.pingidentity.com/pingone-api/workflow-library/pingone-protect/create-a-risk-evaluation.html
section_ids:
  prerequisites: Prerequisites
  what-youll-do: What you'll do
  defining-the-risk-evaluation-resource: Defining the risk evaluation resource
---

# Create a Risk Evaluation

This activity shows you how to create a new risk evaluation. This scenario illustrates the following common operations supported by the PingOne APIs:

* Get a list of risk policy set resources

* Create a risk evaluation resource that uses a specific risk policy set

## Prerequisites

Get an access token from the worker application that you created in [Create an admin Worker app connection](../../getting-started/create-an-admin-worker-app.html). To get a token from a different worker application in an alternate sandbox environment, run the token request endpoint using the client ID and client secret of your chosen worker app to authenticate the request. For more information, refer to [Get a PingOne admin access token](../../getting-started/create-a-test-environment/step-1-get-access-token.html).

## What you'll do

To create the new risk evaluation, the following tasks must be completed successfully:

* GET request to return the list of risk policy set resources associated with the environment.

* POST request to create a new risk evaluation resource that references a risk policy set resource.

Click the **Run in Postman** button below to fork, or download and import, the Postman collection for this workflow to your workspace.

## Defining the risk evaluation resource

For the `POST` request to `/environments/{{envID}}/riskEvaluations`, the risk evaluation resource definition lets you specify the risk policy set to apply to the evaluation. If a particular risk policy set is not specified, the risk evaluation uses the environment's default risk policy set to determine the risk levels for the event. In this use case, the risk evaluation sets the `riskPolicySet.id` property to the `{{riskPolicySetID}}` Postman variable, which should contain the ID of the risk policy set that you created in the [Create a risk policy set](create-a-risk-policy-set.html) activity.

The risk evaluation definition must include an `event` object that specifies details about the authentication action to evaluate against the risk policies defined in the risk policy set. In its most basic form, the event object defines a user (`user.id` and `user.type`) and an IP address (`ip`). From this information, the risk evaluation can provide a meaningful risk response for all supported risk predictors (`anonymousNetwork`, `ipRisk`, `geoVelocity`, `userRiskBehavior`) except the user risk behavior predictor, which requires the `targetResource` and `UserAgent` properties. For more information about the risk evaluation event data model, refer to [Risk Evaluations](../../protect/risk-evaluations.html) in the PingOne API Reference.

The risk evaluation process follows these steps:

1. The risk service receives an event that it is configured to monitor and evaluate.

2. A risk calculation is made for the event based on the configured risk policies.

3. The risk service returns the risk result to the client.

Click the **Run in Postman** button below to fork, or download and import, the Postman collection for this workflow to your workspace.

[Run in Postman](https://god.gw.postman.com/run-collection/18568624-2fb495d2-2a93-4768-bb4f-35b7010853f6?action=collection%2Ffork\&source=rip_markdown\&collection-url=entityId%3D18568624-2fb495d2-2a93-4768-bb4f-35b7010853f6%26entityType%3Dcollection%26workspaceId%3D3550b170-7818-4801-b1eb-dcb7b3f64263#?env%5BPingOne%20Workflow%20Library%20Template%20%28release%3A%202025-04-17%29%5D=W3sia2V5IjoidGxkIiwidmFsdWUiOiJjb20iLCJlbmFibGVkIjp0cnVlLCJ0eXBlIjoiZGVmYXVsdCJ9LHsia2V5IjoiYXV0aFBhdGgiLCJ2YWx1ZSI6Imh0dHBzOi8vYXV0aC5waW5nb25lLnt7dGxkfX0iLCJlbmFibGVkIjp0cnVlLCJ0eXBlIjoiZGVmYXVsdCJ9LHsia2V5IjoiYXBpUGF0aCIsInZhbHVlIjoiaHR0cHM6Ly9hcGkucGluZ29uZS57e3RsZH19L3YxIiwiZW5hYmxlZCI6dHJ1ZSwidHlwZSI6ImRlZmF1bHQifSx7ImtleSI6ImFkbWluRW52SUQiLCJ2YWx1ZSI6IiIsImVuYWJsZWQiOnRydWUsInR5cGUiOiJkZWZhdWx0In0seyJrZXkiOiJhZG1pbkFwcElEIiwidmFsdWUiOiIiLCJlbmFibGVkIjp0cnVlLCJ0eXBlIjoiZGVmYXVsdCJ9LHsia2V5IjoiYWRtaW5BcHBTZWNyZXQiLCJ2YWx1ZSI6IiIsImVuYWJsZWQiOnRydWUsInR5cGUiOiJkZWZhdWx0In0seyJrZXkiOiJlbnZJRCIsInZhbHVlIjoiIiwiZW5hYmxlZCI6dHJ1ZSwidHlwZSI6ImRlZmF1bHQifV0=)