Application resources define the connection between PingOne and the actual application (also known as a client connection). PingOne supports several application types. When you make a request to define a new application, you must specify the type property that specifies one of the following application types:

The type of application specified determines several key properties, including the resource grant type that can be applied to the application. For example, the following table shows the relationships between the application type attribute and the default grantTypes, response_type, and tokenEndpointAuthMethod attributes.

Application type Grant type Response type Token endpoint authentication method
Worker/Non-interactive CLIENT_CREDENTIALS TOKEN CLIENT_SECRET_BASIC
Native AUTHORIZATION_CODE, IMPLICIT TOKEN, ID_TOKEN, CODE NONE
Web AUTHORIZATION_CODE CODE CLIENT_SECRET_BASIC
Single-page IMPLICIT TOKEN, ID_TOKEN NONE

Managing applications

The base endpoint, /environment/{environmentID}/applications, provides endpoint operations to create, read, update, and delete OIDC and SAML application connections. There are POST request examples to show the required properties to create each type of application connection. For more information, see Application Operations.

The secret endpoint, /environments/{environmentId}/applications/{applicationId}/secret, provides endpoint operations to read and update the application’s secret, if the requesting actor has a superset of the application’s role assignments. For more information, see Application Secret.

Applications support the following additional configuration properties: