Working with resources


Resources

Resources in the PingOne Platform are endpoints that applications can request access to using OAuth 2 services. For example, https://api.pingone.com is a defined resource that represents the PingOne Platform APIs. You can also create custom resources to associate with custom applications.

Resources have scopes, and applications can request an access token that is associated with specific scopes when the token is granted. The endpoint enforces access through the encoded representation of the scopes in the access token. The endpoint decodes the token to determine the permissions allowed for the application.

For more information about scopes, see Working with scopes.

The examples that follow show common actions to find and manage resources entities. You need the Client Application Developer role to perform operations on resources entities. For more information, see Working with user roles.

Get resources

The GET /environments/{environmentId}/resources endpoint returns a list of all resource entities associated with the specified environment resource.

curl -X "GET" "https://api.pingone.com/v1/environments/0271641f-2d74-4bb0-b416-4a39b8714261/resources" \
-H 'Content-type: application/json' \
-H 'Authorization: Bearer jwtToken'

The response data looks like this:

{
  "_links" : {
    "self" : {
      "href" : "https://api.pingone.com/v1/environments/0271641f-2d74-4bb0-b416-4a39b8714261/resources"
    }
  },
  "_embedded" : {
    "items" : [ {
      "_links" : {
        "self" : {
          "href" : "https://api.pingone.com/v1/environments/0271641f-2d74-4bb0-b416-4a39b8714261/resources/607d2326-5d08-475d-aab3-8e8df5237c18"
        },
        "environment" : {
          "href" : "https://api.pingone.com/v1/environments/0271641f-2d74-4bb0-b416-4a39b8714261"
        }
      },
      "id" : "607d2326-5d08-475d-aab3-8e8df5237c18",
      "name" : "https://api.pingone.com",
      "description" : "APIs to manage all aspects of the PingOne platform."
    }, {
      "_links" : {
        "self" : {
          "href" : "https://api.pingone.com/v1/environments/0271641f-2d74-4bb0-b416-4a39b8714261/resources/79d29353-1508-4276-b0fa-2bffd5566aed"
        },
        "environment" : {
          "href" : "https://api-staging.pingone.com/v1/environments/0271641f-2d74-4bb0-b416-4a39b8714261"
        }
      },
      "id" : "79d29353-1508-4276-b0fa-2bffd5566aed",
      "name" : "openid",
      "description" : "OpenID Connect scopes can be used to request that specific sets of information be made available as Claim Values in the ID token and the UserInfo endpoint."
    } ]
  },
  "count" : 2,
  "size" : 2
}

To get data for a single resource entity, the GET /environments/{envId}/resources/{id} operation returns data for the resource entity with the specified ID.

curl -X GET "https://api.pingone.com//v1/environments/0bda42bc-d54f-449f-8d46-d5b8990c43ba/resources/607d2326-5d08-475d-aab3-8e8df5237c18" \
-H "Content-type: application/json" \
-H "Authorization: Bearer jwtToken"

Create resources

The POST /environments/{envId}/resources/ operation adds a new resource entity to the specified environment resource.

curl -X "POST" "https://api.pingone.com/v1/environments/58f92121-b753-4e7e-8d82-23b5bf80efe5/resources/2c820676-3f02-49fe-b3c6-0fd854e53d4e/scopes/" \
-H 'Content-type: application/json' \
-H 'Authorization: Bearer jwtToken' \
-d $'{
  "name": "MyNewResource"
}'

The request body must specify a value for the resource entity’s name property, and the name value must be unique within the specified environment resource.

Update resources

The PUT /environments/{envId}/resources/{id} operation updates the property values of the identified resource entity.

curl -X "PUT" "https://api.pingone.com/v1/environments/58f92121-b753-4e7e-8d82-23b5bf80efe5/resources/2c820676-3f02-49fe-b3c6-0fd854e53d4e{id}/" \
-H 'Content-type: application/json' \
-H 'Authorization: Bearer jwtToken' \
-d $'{
  "name": "https://api.photostore.com",
  "description": "Resource for PhotoStore application endpoints."
}'

The request body specifies updated property values for the resource name and description. Any property values not specified in the request body are cleared. The response returns a 200 OK message, and it shows the updated property data for the modified resource entity.