PingOne supports several application types. When you make a POST /environments/{{envID}}/applications
request to define a new application, you must specify the type
property that best describes the application. PingOne supports the following application types:
Web application
A browser-based application with a server-side component, such as ASP, CGI, JSP/Java, Node.js, or Ruby on Rails applications.
Native application
An application that is installed and run directly on the local operating system, like Java, Objective-C, Swift, or React applications. Native applications are typically intended for native devices.
Single page application
A browser-based application that runs on the front-end with no server-side component, such as Sencha Touch, AngularJS, and React applications. A single page application runs on the client side after it loads, so it cannot keep a client secret.
Non-interactive
A web application that does not require user interaction through the web browser, like a command line interface, a service, or a daemon.
Worker
An administrator application that can interact with platform APIs. Access to platform APIs is determined by the user’s or application’s role assignments.
An authorization grant gives applications the capability to authenticate users and access secure resources. The following steps describe the application authorization flow:
The application initiates the authorization flow through a GET
or POST
request to the authorize
endpoint.
The authorization service generates the access token for the implicit
grant.
For authorization_code
and client_credentials
grants, the application calls the /{{envID}}/as/token
endpoint to acquire the access token.
For more information about authorization, see OpenID Connect/OAuth 2.
The following topics describe common authorization requests for the designated application type.