This activity shows you how to create an application, configure its connection settings, create a resource access grant, and initiate an authorization request. After an access token is generated, it is used by a user to update a user attribute.
The following operations are supported by the PingOne APIs:
authorization_code
authorization flowWorkflow order of operations
To configure an application and initiate an authorization code flow, the following tasks must be completed successfully:
Make a POST
request to /environments/{{envID}}/applications
to add a new application to the specified environment.
Make a GET
request to /environments/{{envID}}/applications/{{appID}}/secret
to return the new application’s secret
attribute.
Make a GET
request to /environments/{{envID}}/resources
to return a list of all resource entities associated with the specified environment to get the ID for the PingOne platform resource.
Make a GET
request to /environments/{{envID}}/resources/{{resourceID}}/scopes
to list all scopes associated with a specified resource (the PingOne platform resource).
Make a POST
request to /environments/{{envID}}/applications/{{appID}}/grants
to create a new resource access grant for the application.
Make a POST
request to /{{envID}}/as/authorize
to obtain an authorization grant. This request starts the authorization flow.
To initiate the authentication flow, make a GET
request to GET /{{envID}}/flows/{{flowID}}
.
To complete the authentication flow, make a POST
request to GET /{{envID}}/flows/{{flowID}}
and provide the user’s login credentials.
After the authorization flow completes and returns an auth code, make a POST
request to /{{envID}}/as/token
to exchange the auth code for an access token.
Use the access token to make a GET
request to /environments/{{envID}}/users/{{userID}}
to view return information about the identified user.
Click the Run in Postman button below to download the Postman collection for this use case.