The PingOne authorization endpoint /{{envID}}/as/authorize is used to interact with the resource owner and obtain an authorization grant. The authorization request must include values for the following properties:

The response returns a 302 message with a flowID embedded in the Location header, which specifies that a call should be made to another resource to continue the authentication flow. The Location header looks like this:


The authentication flow presents appropriate forms to an end user and submits data provided by the user for all required steps. It also redirects to the resume URL when the authentication flow is complete. For information about authentication flows, see Authentication workflow walkthrough.

When the flow finishes, it returns an access token.