PingOne supports several application types. When you make a POST /environments/{{envID}}/applications request to define a new application, you must specify the type property that best describes the application. PingOne supports the following application types:
Web application
A browser-based application with a server-side component, such as ASP, CGI, JSP/Java, Node.js, or Ruby on Rails applications.
Native application
An application that is installed and run directly on the local operating system, like Java, Objective-C, Swift, or React applications. Native applications are typically intended for native devices.
Single page application
A browser-based application that runs on the front-end with no server-side component, such as Sencha Touch, AngularJS, and React applications. A single page application runs on the client side after it loads, so it cannot keep a client secret.
Non-interactive
A web application that does not require user interaction through the web browser, like a command line interface, a service, or a daemon.
Worker
An administrator application that can interact with platform APIs. Access to platform APIs is determined by the user’s or application’s role assignments.
An authorization grant gives applications the capability to authenticate users and access secure resources. The following steps describe the application authorization flow:
The application initiates the authorization flow through a GET or POST request to the authorize endpoint.
The authorization service generates the access token for the implicit grant.
For authorization_code and client_credentials grants, the application calls the /{{envID}}/as/token endpoint to acquire the access token.
For more information about authorization, see OpenID Connect/OAuth 2.
The following topics describe common authorization requests for the designated application type.