Use the POST /authenticationPolicyContracts endpoint to create a new Authentication Policy Contract. If the Authentication Policy Contract is not properly configured, a 422 status code is returned along with a list of validation errors that must be corrected.

Status codes

Code Reason
201 Authentication policy contract created.
400 The request was improperly formatted or contained invalid fields.
403 PingFederate does not have the appropriate IdP/SP role enabled. Operation not available.
422 Validation error(s) occurred.

AuthenticationPolicyContract - Authentication Policy Contracts carry user attributes from the identity provider to the service provider.

Property Type Description
coreAttributes array[AuthenticationPolicyContractAttribute] A list of read-only assertion attributes (for example, subject) that are automatically populated by PingFederate.
extendedAttributes array[AuthenticationPolicyContractAttribute] A list of additional attributes as needed.
id string The persistent, unique ID for the authentication policy contract. It can be any combination of [a-zA-Z0-9._-]. This property is system-assigned if not specified.
name string The Authentication Policy Contract Name. Name is unique.

AuthenticationPolicyContractAttribute - An attribute for the Authentication Policy Contract.

Property Type Description
name * string The name of this attribute.