PingOne supports a sign-on flow that uses only a username and a multi-factor authentication (MFA) sign-on action to authenticate the user. This activity shows you how to create a sign-on policy that does not require a password at sign on.

This scenario illustrates the following common operations supported by the PingOne APIs:

Workflow order of operations

To create a sign-on policy that does not prompt for a password at login, the following tasks must be completed successfully:

  1. Make a POST request to /environments/{environmentId}/applications to create a new application connection.

  2. Make a POST request to /environments/{environmentId}/signOnPolicies to create a new sign-on policy.

  3. Make a POST request to /environments/{environmentId}/signOnPolicies/{policyId}/actions to create a new MFA sign-on policy action, which is associated with the new (no password) sign-on policy.

  4. Make a POST request to /environments/{environmentId}/applications/{applicationId}/signOnPolicyAssignments to associate this sign-on policy with the specified application.

  5. Make a GET request to the authorization server to retrieve the URL for the sign-on screen, which is returned in the response’s HTTP Location header.

Click the Run in Postman button below to download the Postman collection for this use case.

Run in Postman