Step 1: Create a risk policy set
POST {{apiPath}}/environments/{{envID}}/riskPolicySetsA risk policy is determined by the customer’s specific configuration settings as well as intelligence gathered from common use cases, which are then used in event evaluation to calculate risk scores for received events.
The POST {{apiPath}}/environments/{{envID}}/riskPolicySets/ creates a new risk policy set in the specified environment. In the request body, you must define at least one risk policy in the riskPolicies property array, and the risk policy definition must specify a condition expression and a result. The priority property in the risk policy definition is optional. In this scenario, you will define the whitelist and anonymous network detection policies.
Body
raw ( application/json )
{
"name": "Use_Case_Risk_Policy_Set",
"description": "Custom risk policy set",
"defaultResult": {
"level": "Low"
},
"riskPolicies": [
{
"name": "WHITELIST",
"priority": 1,
"result": {
"level": "LOW"
},
"condition": {
"contains": "${transaction.ip}",
"ipRange": [
"1.1.1.1/16",
"2.2.2.2/24"
]
}
},
{
"name": "ANONYMOUS_NETWORK_DETECTION",
"result": {
"level": "HIGH"
},
"condition": {
"value": "${details.anonymousNetworkDetected}",
"equals": true
}
}
]
}Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/environments/{{envID}}/riskPolicySets' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
"name": "Use_Case_Risk_Policy_Set",
"description": "Custom risk policy set",
"defaultResult": {
"level": "Low"
},
"riskPolicies": [
{
"name": "WHITELIST",
"priority": 1,
"result": {
"level": "LOW"
},
"condition": {
"contains": "${transaction.ip}",
"ipRange": [
"1.1.1.1/16",
"2.2.2.2/24"
]
}
},
{
"name": "ANONYMOUS_NETWORK_DETECTION",
"result": {
"level": "HIGH"
},
"condition": {
"value": "${details.anonymousNetworkDetected}",
"equals": true
}
}
]
}'var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/riskPolicySets")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@" ""name"": ""Use_Case_Risk_Policy_Set""," + "\n" +
@" ""description"": ""Custom risk policy set""," + "\n" +
@" ""defaultResult"": {" + "\n" +
@" ""level"": ""Low""" + "\n" +
@" }," + "\n" +
@" ""riskPolicies"": [" + "\n" +
@" {" + "\n" +
@" ""name"": ""WHITELIST""," + "\n" +
@" ""priority"": 1," + "\n" +
@" ""result"": {" + "\n" +
@" ""level"": ""LOW""" + "\n" +
@" }," + "\n" +
@" ""condition"": {" + "\n" +
@" ""contains"": ""${transaction.ip}""," + "\n" +
@" ""ipRange"": [" + "\n" +
@" ""1.1.1.1/16""," + "\n" +
@" ""2.2.2.2/24""" + "\n" +
@" ]" + "\n" +
@" }" + "\n" +
@" }," + "\n" +
@" {" + "\n" +
@" ""name"": ""ANONYMOUS_NETWORK_DETECTION""," + "\n" +
@" ""result"": {" + "\n" +
@" ""level"": ""HIGH""" + "\n" +
@" }," + "\n" +
@" ""condition"": {" + "\n" +
@" ""value"": ""${details.anonymousNetworkDetected}""," + "\n" +
@" ""equals"": true" + "\n" +
@" }" + "\n" +
@" }" + "\n" +
@" ]" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/environments/{{envID}}/riskPolicySets"
method := "POST"
payload := strings.NewReader(`{
"name": "Use_Case_Risk_Policy_Set",
"description": "Custom risk policy set",
"defaultResult": {
"level": "Low"
},
"riskPolicies": [
{
"name": "WHITELIST",
"priority": 1,
"result": {
"level": "LOW"
},
"condition": {
"contains": "${transaction.ip}",
"ipRange": [
"1.1.1.1/16",
"2.2.2.2/24"
]
}
},
{
"name": "ANONYMOUS_NETWORK_DETECTION",
"result": {
"level": "HIGH"
},
"condition": {
"value": "${details.anonymousNetworkDetected}",
"equals": true
}
}
]
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Bearer {{accessToken}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /environments/{{envID}}/riskPolicySets HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}
{
"name": "Use_Case_Risk_Policy_Set",
"description": "Custom risk policy set",
"defaultResult": {
"level": "Low"
},
"riskPolicies": [
{
"name": "WHITELIST",
"priority": 1,
"result": {
"level": "LOW"
},
"condition": {
"contains": "${transaction.ip}",
"ipRange": [
"1.1.1.1/16",
"2.2.2.2/24"
]
}
},
{
"name": "ANONYMOUS_NETWORK_DETECTION",
"result": {
"level": "HIGH"
},
"condition": {
"value": "${details.anonymousNetworkDetected}",
"equals": true
}
}
]
}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n \"name\": \"Use_Case_Risk_Policy_Set\",\n \"description\": \"Custom risk policy set\",\n \"defaultResult\": {\n \"level\": \"Low\"\n },\n \"riskPolicies\": [\n {\n \"name\": \"WHITELIST\",\n \"priority\": 1,\n \"result\": {\n \"level\": \"LOW\"\n },\n \"condition\": {\n \"contains\": \"${transaction.ip}\",\n \"ipRange\": [\n \"1.1.1.1/16\",\n \"2.2.2.2/24\"\n ]\n }\n },\n {\n \"name\": \"ANONYMOUS_NETWORK_DETECTION\",\n \"result\": {\n \"level\": \"HIGH\"\n },\n \"condition\": {\n \"value\": \"${details.anonymousNetworkDetected}\",\n \"equals\": true\n }\n }\n ]\n}");
Request request = new Request.Builder()
.url("{{apiPath}}/environments/{{envID}}/riskPolicySets")
.method("POST", body)
.addHeader("Content-Type", "application/json")
.addHeader("Authorization", "Bearer {{accessToken}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/environments/{{envID}}/riskPolicySets",
"method": "POST",
"timeout": 0,
"headers": {
"Content-Type": "application/json",
"Authorization": "Bearer {{accessToken}}"
},
"data": JSON.stringify({
"name": "Use_Case_Risk_Policy_Set",
"description": "Custom risk policy set",
"defaultResult": {
"level": "Low"
},
"riskPolicies": [
{
"name": "WHITELIST",
"priority": 1,
"result": {
"level": "LOW"
},
"condition": {
"contains": "${transaction.ip}",
"ipRange": [
"1.1.1.1/16",
"2.2.2.2/24"
]
}
},
{
"name": "ANONYMOUS_NETWORK_DETECTION",
"result": {
"level": "HIGH"
},
"condition": {
"value": "${details.anonymousNetworkDetected}",
"equals": true
}
}
]
}),
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'POST',
'url': '{{apiPath}}/environments/{{envID}}/riskPolicySets',
'headers': {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
},
body: JSON.stringify({
"name": "Use_Case_Risk_Policy_Set",
"description": "Custom risk policy set",
"defaultResult": {
"level": "Low"
},
"riskPolicies": [
{
"name": "WHITELIST",
"priority": 1,
"result": {
"level": "LOW"
},
"condition": {
"contains": "${transaction.ip}",
"ipRange": [
"1.1.1.1/16",
"2.2.2.2/24"
]
}
},
{
"name": "ANONYMOUS_NETWORK_DETECTION",
"result": {
"level": "HIGH"
},
"condition": {
"value": "${details.anonymousNetworkDetected}",
"equals": true
}
}
]
})
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
import json
url = "{{apiPath}}/environments/{{envID}}/riskPolicySets"
payload = json.dumps({
"name": "Use_Case_Risk_Policy_Set",
"description": "Custom risk policy set",
"defaultResult": {
"level": "Low"
},
"riskPolicies": [
{
"name": "WHITELIST",
"priority": 1,
"result": {
"level": "LOW"
},
"condition": {
"contains": "${transaction.ip}",
"ipRange": [
"1.1.1.1/16",
"2.2.2.2/24"
]
}
},
{
"name": "ANONYMOUS_NETWORK_DETECTION",
"result": {
"level": "HIGH"
},
"condition": {
"value": "${details.anonymousNetworkDetected}",
"equals": True
}
}
]
})
headers = {
'Content-Type': 'application/json',
'Authorization': 'Bearer {{accessToken}}'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/riskPolicySets');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/json',
'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n "name": "Use_Case_Risk_Policy_Set",\n "description": "Custom risk policy set",\n "defaultResult": {\n "level": "Low"\n },\n "riskPolicies": [\n {\n "name": "WHITELIST",\n "priority": 1,\n "result": {\n "level": "LOW"\n },\n "condition": {\n "contains": "${transaction.ip}",\n "ipRange": [\n "1.1.1.1/16",\n "2.2.2.2/24"\n ]\n }\n },\n {\n "name": "ANONYMOUS_NETWORK_DETECTION",\n "result": {\n "level": "HIGH"\n },\n "condition": {\n "value": "${details.anonymousNetworkDetected}",\n "equals": true\n }\n }\n ]\n}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "json"
require "net/http"
url = URI("{{apiPath}}/environments/{{envID}}/riskPolicySets")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
"name": "Use_Case_Risk_Policy_Set",
"description": "Custom risk policy set",
"defaultResult": {
"level": "Low"
},
"riskPolicies": [
{
"name": "WHITELIST",
"priority": 1,
"result": {
"level": "LOW"
},
"condition": {
"contains": "\${transaction.ip}",
"ipRange": [
"1.1.1.1/16",
"2.2.2.2/24"
]
}
},
{
"name": "ANONYMOUS_NETWORK_DETECTION",
"result": {
"level": "HIGH"
},
"condition": {
"value": "\${details.anonymousNetworkDetected}",
"equals": true
}
}
]
})
response = http.request(request)
puts response.read_bodylet parameters = "{\n \"name\": \"Use_Case_Risk_Policy_Set\",\n \"description\": \"Custom risk policy set\",\n \"defaultResult\": {\n \"level\": \"Low\"\n },\n \"riskPolicies\": [\n {\n \"name\": \"WHITELIST\",\n \"priority\": 1,\n \"result\": {\n \"level\": \"LOW\"\n },\n \"condition\": {\n \"contains\": \"${transaction.ip}\",\n \"ipRange\": [\n \"1.1.1.1/16\",\n \"2.2.2.2/24\"\n ]\n }\n },\n {\n \"name\": \"ANONYMOUS_NETWORK_DETECTION\",\n \"result\": {\n \"level\": \"HIGH\"\n },\n \"condition\": {\n \"value\": \"${details.anonymousNetworkDetected}\",\n \"equals\": true\n }\n }\n ]\n}"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/riskPolicySets")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()Example Response
201 Created
{
"_links": {
"self": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/riskPolicySets/22b059a4-b027-4e2c-a685-1207fa53a455"
},
"environment": {
"href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
}
},
"id": "22b059a4-b027-4e2c-a685-1207fa53a455",
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"name": "Use_Case_Risk_Policy_Set",
"description": "Custom risk policy set",
"createdAt": "2021-02-25T00:05:57.566Z",
"updatedAt": "2021-02-25T00:05:57.566Z",
"defaultResult": {
"level": "LOW",
"type": "VALUE"
},
"riskPolicies": [
{
"id": "134715be-27c7-4887-97fb-e4141217e9d2",
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"policySet": {
"id": "22b059a4-b027-4e2c-a685-1207fa53a455"
},
"name": "WHITELIST",
"priority": 1,
"result": {
"level": "LOW",
"type": "VALUE"
},
"condition": {
"ipRange": [
"1.1.1.1/16",
"2.2.2.2/24"
],
"contains": "${transaction.ip}"
},
"createdAt": "2021-02-25T00:05:57.566Z",
"updatedAt": "2021-02-25T00:05:57.566Z"
},
{
"id": "3e34788e-00f5-4480-88b5-3300e38757e1",
"environment": {
"id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
},
"policySet": {
"id": "22b059a4-b027-4e2c-a685-1207fa53a455"
},
"name": "ANONYMOUS_NETWORK_DETECTION",
"priority": 2,
"result": {
"level": "HIGH",
"type": "VALUE"
},
"condition": {
"equals": true,
"value": "${details.anonymousNetworkDetected}"
},
"createdAt": "2021-02-25T00:05:57.566Z",
"updatedAt": "2021-02-25T00:05:57.566Z"
}
],
"default": false
}