PingOne Connector
Use the PingOne DaVinci connector to add PingOne functionality for your DaVinci flow.
The PingOne connector has capabilities that you can tie together to achieve your desired outcome. The connector acts like a worker application with each capability calling one or more endpoints in PingOne using your application for authentication.
You can use the PingOne connector to:
-
Create a sign-on flow for authentication
-
Reset a user’s password
-
Register new users in the PingOne user store
-
Unlock a locked user account
-
Create, edit, and delete users in the PingOne user store
-
Verify a user’s email address
-
View a user’s population
-
Manage a user’s group memberships
-
Manage user groups
-
View agreements and consents for a user
-
Migrate users from an LDAP datastore to PingOne
-
Authenticate users through Kerberos
Setup
Resources
You can find information in, the following sections of the PingOne documentation:
-
PingOne:
-
DaVinci documentation:
Requirements
To use the connector, you’ll need:
-
A PingOne license (Try PingOne for free)
-
A PingOne environment with a configured Worker app
Setting up PingOne
Setting up your PingOne environment
Learn more in Getting started with PingOne.
Adding a Worker application
Add a Worker application in the PingOne console before setting up the PingOne connector in DaVinci.
-
In the PingOne console, add a Worker app. You can find details in Adding an application.
Attribute mappings are not required.
-
Ensure that you set the authentication method as
Client secret basic
.The PingOne connector receives a token using your application’s credentials.
-
Enable the application. You can find details in Enabling or disabling an application.
The capabilities in the PingOne connector call endpoints in PingOne with a token received using the application’s credentials. To enable all capabilities, your application needs the required role assignments for the associated capability. If the application doesn’t have the required role assignment, you’ll see error messages stating that the required authorization isn’t configured.
Assigning Roles to the application
To use the appropriate capabilities, the Worker app used by the connector needs the Environment Admin and Identity Data Admin roles.
The user that creates the Worker app must have the Environment Admin and Identity Data Admin roles to assign the roles to a Worker app. |
-
In your PingOne environment, go to Applications → Applications.
If you haven’t added the application yet, find details in Adding an application.
-
Locate the appropriate application and click it to open the details panel.
-
Click the Roles tab and then click the Pencil icon to edit the roles.
-
Review the assigned roles to ensure that they include Environment Admin and Identity Data Admin roles. If not, click Add role to assign them.
Getting your application credentials
Get the Client ID and Client secret from the PingOne console before setting up the PingOne connector in DaVinci.
-
In your PingOne environment, go to Applications → Applications.
If you haven’t added the application yet, find details in Adding an application.
-
Locate the appropriate application and click it to open the details panel.
-
On the Configuration tab, expand General and locate the Client ID and Client secret. Copy these values to a secure location.
Setting up the PingOne connector configuration
In DaVinci, add a PingOne connection. You can find details in Adding a connector.
Connector configuration
Environment ID
The unique identifier for the appropriate PingOne environment. You can find details on finding the environment ID in Environment properties.
Client ID
The unique public identifier for the PingOne application. You can find details on finding the client ID in Viewing application details.
Client secret
The cryptographic secret that is known only to the application and the authorization server. You can find details on finding the client secret in Viewing a client secret.
Region
The geographic region that hosts your PingOne tenant. You can find details on finding the region in Environment properties.
Using the connector in a flow
You can use sample flows as a starting point or create your own flows to satisfy your requirements. The following section shows some popular sample flows. Open the Flow Library to see them all.
Authenticating users and resetting passwords
Use this flow to create authentication flows that include the ability for users to reset or recover their passwords.
Search for PingOne - Sign On and Password Reset in the Flow Library
You can find details in Creating an authentication flow guide.
Registering users and setting up MFA
Use this flow to create registration flows with optional user enrollment to MFA.
Search for PingOne - Register with verify email and MFA enrollment in the Flow Library
You can find details in Creating an authentication flow guide.
Authenticating users with Risk and MFA
Use this flow to create sign-on flows that include a password check and a conditional step-up to second-factor authentication using PingOne Risk
Search for PingOne - Sign On and Adaptive MFA in the Flow Library
You can find details in Creating an authentication flow guide.
Registering users with agreements and verifying email
Use this flow to create registration flows that include email address verification and agreement consent.
Search for PingOne - Register with Agreements and Verify Email in the Flow Library
You can find details in Creating an authentication flow guide.
Registering users and verifying email
Use this flow to create registration flows that include email address verification.
Search for PingOne - Register with Verify Email in the Flow Library
You can find details in Creating an authentication flow guide.
Managing group memberships
The connector has several capabilities that allow you to manage the groups that a user belongs to in PingOne:
-
Read User Group Membership
-
Create User Group Membership
-
Delete User Group Membership
No special flow configuration is needed. Add the capability that you want and populate its properties according to the help text.
Managing user groups
The connector has several capabilities that allow you to manage groups.
-
Create Group
-
Create a new user group in PingOne and optionally set the metadata on the group. Only the Group Name is required.
Updating a group’s metadata using the Update Group capability on a DaVinci flow overwrites any existing metadata on PingOne Groups.
-
-
Read Group
-
Read a user group. Only the Group ID is required.
-
-
Update Group
-
Update an existing user group with the supplied information and optionally update a group’s metadata. The Group ID is required to verify the group exists and the Group Name is required only when updating a group.
-
-
Delete Group
-
Delete a specified group. Only the Group ID is required.
-
-
Read Group Members
-
Read up to 100 users within a group. The list is filterable by match attributes and an identifier. Only the Group ID is required.
-
No special flow configuration is needed. Add the capability you want and populate its properties according to the help text.
Migrating users from an external directory to PingOne
The connector allows you to use your existing authentication flow to migrate users to the PingOne user store from an external directory.
You can find details on setting up a directory as a gateway in PingOne, see Gateways. |
In your authentication flow, add the PingOne connector with the Migrate User Through Gateway capability. This capability validates the user’s credentials against the directory for authentication, then migrates the user account to PingOne.
The Gateway User Type List property allows you to filter by specific gateways and user types.
Authenticate users via Kerberos
Use this capability to use Kerberos to seamlessly authenticate users who have user records in an on-premises Microsoft Active Directory.
In the flow example below, a user is authenticated using Kerberos when the user does not have a session.
The example flow contains the following nodes:
The PingOne Authentication
node checks if the user has a session in PingOne.
The PingOne
node authenticates the user via Kerberos if the user does not have a session and evaluates as follows:
-
Successful
: ThePingOne Authentication
node returns a success response. -
Failure
: TheUsername/Password Form
node asks for the user’s username and password and the flow continues to theButton Pressed
node. The user has the options to press:-
Submit: The user submits login and the flow continues to the
Sign In
node, theUser Lookup
node, andPingOne node
in which a user migrates through a gateway and lastly continues on to theCheck Password
node. -
Forgot Password: Flow continues to
Forgot Password
node. -
No match: Flow continues to the
An Unexpected Error
node which displays a custom error message.
-
You can find details on setting up Active Directory as a gateway in PingOne in the following: You can find details on using the connector in a flow in Creating an authentication flow in the PingOne DaVinci documentation. |
Alternative Identifier
An alternative identifier is a domain, ID, or custom value used to identify a population.
The following example shows a population with a domain alternative identifier used with the Read Population capability.
{ "id": "42fc7d8f-db37-4a42-8eb8-6664e7f62f79", "environment": { "id": "<env_id>" }, "name": "Sample Population with an Alternative Identifier", "userCount": 256, "createdAt": "2024-10-17T19:16:09.272Z", "updatedAt": "2024-11-17T15:23:33.272Z", "alternativeIdentifiers": [ "pingidentity.com", "another_alt_identifier" ], "default": false }
The following images show setting the alternative identifier value directly in the field and having the value pulled from a prior node’s form value.
Capabilities
Find User
Find a user by identifier.
Show details
- Properties
- Custom SCIM Filter
toggleSwitch
- SCIM Filter
textField
- PingOne Attributes
textFieldArrayView
-
Enter the PingOne attributes you want to use to find a user, such as username, userID, or email.
- Identifier
textField
-
Enter the identifier, which was captured earlier in the flow, that you want to use to find a user. For example, if the attributes specified are email and username, and the identifier is username, the system will search for users whose email or username match the value captured under username.
- Return User Password Status
toggleSwitch
-
The output will include a property named 'passwordStatus' which correlates to the user’s password state status in PingOne.
- Input Schema
- default
object
-
- matchAttributes
array
uniqueItems: true
- items
array
-
- type
string
- maxLength
maxLength: 255
- type
- userIdentifierForFindUser
string
- matchAttributes
User attribute to match attributes.
- returnUserPasswordStatus
boolean
- scimFilter
string
-
SCIM filter to match users.
- Output Schema
-
- output
object
- output
- matchedUser
object
- properties
object
-
- preferredLanguage
string
- timezone
string
- lastSignOn
object
- properties
object
-
- at
string
- remoteIp
string
- at
- title
string
- type
string
- locale
string
- enabled
boolean
- identityProvider
object
- properties
object
-
- id
string
- type
string
- id
- lifecycle
object
- properties
object
-
- status
string
- status
- createdAt
string
- verifyStatus
string
- nickname
string
- mfaEnabled
boolean
- id
string
- email
string
- emailVerified
boolean
- updatedAt
string
- address
object
- properties
object
-
- streetAddress
string
- locality
string
- region
string
- postalCode
string
- countryCode
string
- streetAddress
- externalId
string
- photo
object
- properties
object
-
- href
string
- href
- population
object
- properties
object
-
- id
string
- id
- primaryPhone
string
- accountId
string
- mobilePhone
string
- name
object
- properties
object
-
- formatted
string
- given
string
- middle
string
- family
string
- honorificPrefix
string
- honorificSuffix
string
- formatted
- account
object
- properties
object
-
- canAuthenticate
boolean
- status
string
- lockedAt
string
- secondsUntilUnlock
string
- unlockAt
string
- canAuthenticate
- username
string
- preferredLanguage
- passwordStatus
string
- userFilter
string
- userCount
integer
- rawResponse
object
- headers
object
- statusCode
integer
- Find Multiple Users
-
Find a set of users by an identifier.
Show details
- Properties
- Custom SCIM Filter
toggleSwitch
- SCIM Filter
textField
- PingOne Attributes
textFieldArrayView
-
Enter the PingOne attributes you want to use to find a user, such as username, userID, or email.
- Identifier
textField
-
Enter the identifier, which was captured earlier in the flow, that you want to use to find a user. For example, if the attributes specified are email and username, and the identifier is username, the system will search for users whose email or username match the value captured under username.
- Input Schema
- default
object
-
- matchAttributes
array
uniqueItems: true
- items
array
-
- type
string
- maxLength
maxLength: 255
- type
- userIdentifierForFindUser
string
- matchAttributes
User attribute to match attributes.
- scimFilter
string
-
SCIM filter to match users.
- Output Schema
-
- output
object
-
- matchedUsers
array
- items
array
- matchedUsers
- output
- type
object
- properties
\{"type":"string"}
-
- count
integer
- userFilter
string
- rawResponse
object
- properties
object
- count
- _embedded
object
- properties
object
-
- matchedUsers
array
- items
array
-
- type
object
- properties
\{"type":"string"}
- type
- count
integer
-
- headers
object
- statusCode
integer
- headers
- matchedUsers
- Check Password
-
Validate a user’s password.
Show details
- Properties
- PingOne Attribute
dropDown
-
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
-
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Password
textField
-
The user’s password to validate.
- Input Schema
- default
object
-
- matchAttribute
string
required
- matchAttribute
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- password
string
required
minLength: 1
-
Password
- Output Schema
- output
object
-
- passwordState
object
- properties
object
-
- environment
object
- properties
object
- environment
- passwordState
- id
string
-
- user
object
- properties
object
- user
- id
string
-
- passwordPolicy
object
- properties
object
- passwordPolicy
- id
string
-
- warnings
object
- properties
object
- warnings
- expires
string
- noChangeUntil
string
- failuresRemaining
number
-
- status
string
- lastChangedAt
string
-
- rawResponse
object
- properties
object
- rawResponse
- environment
object
- properties
object
- status
- id
string
-
- user
object
- properties
object
- user
- id
string
-
- passwordPolicy
object
- properties
object
- passwordPolicy
- id
string
-
- warnings
object
- properties
object
- warnings
- expires
string
- noChangeUntil
string
- failuresRemaining
number
-
- status
string
- lastChangedAt
string
-
- headers
object
- statusCode
integer
- headers
- status
- Create User
-
Create a user with the attribute values provided.
Show details
- Properties
- Username
textField
required
-
The unique identifier for the user.
- Population
dropDown
-
The name of the population.
-
Use Population ID (Default)
-
- Population ID
textField
-
The unique identifier for the population.
- Password
textField
- Given Name
textField
- Family Name
textField
- Email
textField
- Primary Phone
textField
- Mobile Phone
textField
- Preferred Language
textField
- Locale
textField
- Other Attributes
variableInputList
-
Add other attributes and their values.
- Lifecycle Status
dropDown
-
Indicate whether new users must initially verify their identities through email. If they do, they will receive an email containing a verification code when their accounts are created.
-
ACCOUNT_OK (Default)
-
VERIFICATION_REQUIRED
-
- Input Schema
- default
object
-
- population
string
required
minLength: 0
maxLength: 100
- population
Population
- populationId
string
minLength: 0
maxLength: 100
-
Population ID
- given
string
- family
string
- email
string
- primaryPhone
string
- mobilePhone
string
- username
string
required
- preferredLanguage
string
- locale
string
- passwordForCreateUser
string
- lifecycleStatus
string
required
-
- Output Schema
- output
object
- user
object
- properties
object
-
- preferredLanguage
string
- timezone
string
- lastSignOn
object
- properties
object
-
- at
string
- remoteIp
string
- at
- title
string
- type
string
- locale
string
- enabled
boolean
- identityProvider
object
- properties
object
-
- id
string
- type
string
- id
- lifecycle
object
- properties
object
-
- status
string
- status
- createdAt
string
- verifyStatus
string
- nickname
string
- mfaEnabled
boolean
- id
string
- email
string
- emailVerified
boolean
- updatedAt
string
- address
object
- properties
object
-
- streetAddress
string
- locality
string
- region
string
- postalCode
string
- countryCode
string
- streetAddress
- externalId
string
- photo
object
- properties
object
-
- href
string
- href
- population
object
- properties
object
-
- id
string
- id
- primaryPhone
string
- accountId
string
- mobilePhone
string
- name
object
- properties
object
-
- formatted
string
- given
string
- middle
string
- family
string
- honorificPrefix
string
- honorificSuffix
string
- formatted
- account
object
- properties
object
-
- canAuthenticate
boolean
- status
string
- lockedAt
string
- secondsUntilUnlock
string
- unlockAt
string
- canAuthenticate
- username
string
- preferredLanguage
- rawResponse
object
- properties
object
-
- preferredLanguage
string
- timezone
string
- lastSignOn
object
- properties
object
-
- at
string
- remoteIp
string
- at
- title
string
- type
string
- locale
string
- enabled
boolean
- identityProvider
object
- properties
object
-
- id
string
- type
string
- id
- lifecycle
object
- properties
object
-
- status
string
- status
- createdAt
string
- verifyStatus
string
- nickname
string
- mfaEnabled
boolean
- id
string
- email
string
- emailVerified
boolean
- updatedAt
string
- address
object
- properties
object
-
- streetAddress
string
- locality
string
- region
string
- postalCode
string
- countryCode
string
- streetAddress
- externalId
string
- photo
object
- properties
object
-
- href
string
- href
- population
object
- properties
object
-
- id
string
- id
- primaryPhone
string
- accountId
string
- mobilePhone
string
- name
object
- properties
object
-
- formatted
string
- given
string
- middle
string
- family
string
- honorificPrefix
string
- honorificSuffix
string
- formatted
- account
object
- properties
object
-
- canAuthenticate
boolean
- status
string
- lockedAt
string
- secondsUntilUnlock
string
- unlockAt
string
- canAuthenticate
- username
string
- preferredLanguage
- alternativeIdentifiers
array
- headers
object
- statusCode
integer
- Read User
-
Find user information.
Show details
- Properties
- PingOne Attribute
dropDown
-
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
-
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Input Schema
- default
object
-
- matchAttribute
string
required
- matchAttribute
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- Output Schema
- output
object
-
- user
object
- properties
object
-
- preferredLanguage
string
- timezone
string
- lastSignOn
object
- properties
object
- preferredLanguage
- user
- at
string
- remoteIp
string
-
- title
string
- type
string
- locale
string
- enabled
boolean
- identityProvider
object
- properties
object
- title
- id
string
- type
string
-
- lifecycle
object
- properties
object
- lifecycle
- status
string
-
- createdAt
string
- verifyStatus
string
- nickname
string
- mfaEnabled
boolean
- id
string
- email
string
- emailVerified
boolean
- updatedAt
string
- address
object
- properties
object
- createdAt
- streetAddress
string
- locality
string
- region
string
- postalCode
string
- countryCode
string
-
- externalId
string
- photo
object
- properties
object
- externalId
- href
string
-
- population
object
- properties
object
- population
- id
string
-
- primaryPhone
string
- accountId
string
- mobilePhone
string
- name
object
- properties
object
- primaryPhone
- formatted
string
- given
string
- middle
string
- family
string
- honorificPrefix
string
- honorificSuffix
string
-
- account
object
- properties
object
- account
- canAuthenticate
boolean
- status
string
- lockedAt
string
- secondsUntilUnlock
string
- unlockAt
string
-
- username
string
-
- rawResponse
object
- properties
object
- rawResponse
- preferredLanguage
string
- timezone
string
- lastSignOn
object
- properties
object
- username
- at
string
- remoteIp
string
-
- title
string
- type
string
- locale
string
- enabled
boolean
- identityProvider
object
- properties
object
- title
- id
string
- type
string
-
- lifecycle
object
- properties
object
- lifecycle
- status
string
-
- createdAt
string
- verifyStatus
string
- nickname
string
- mfaEnabled
boolean
- id
string
- email
string
- emailVerified
boolean
- updatedAt
string
- address
object
- properties
object
- createdAt
- streetAddress
string
- locality
string
- region
string
- postalCode
string
- countryCode
string
-
- externalId
string
- photo
object
- properties
object
- externalId
- href
string
-
- population
object
- properties
object
- population
- id
string
-
- primaryPhone
string
- accountId
string
- mobilePhone
string
- name
object
- properties
object
- primaryPhone
- formatted
string
- given
string
- middle
string
- family
string
- honorificPrefix
string
- honorificSuffix
string
-
- account
object
- properties
object
- account
- canAuthenticate
boolean
- status
string
- lockedAt
string
- secondsUntilUnlock
string
- unlockAt
string
-
- username
string
-
- headers
object
- statusCode
integer
- headers
- username
- Update User
-
Update user attributes.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Username
textField
required
-
The unique identifier for the user.
- Given Name
textField
- Family Name
textField
- Email
textField
- Primary Phone
textField
- Mobile Phone
textField
- Preferred Language
textField
- Locale
textField
- Other Attributes
variableInputList
- Identifier
Add other attributes and their values.
- Input Schema
-
- default
object
-
- matchAttribute
string
required
- matchAttribute
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- given
string
- family
string
- email
string
- primaryPhone
string
- mobilePhone
string
- username
string
required
- preferredLanguage
string
- locale
string
- default
- Output Schema
-
- output
object
-
- user
object
- properties
object
- user
- output
- preferredLanguage
string
- timezone
string
- lastSignOn
object
- properties
object
-
- at
string
- remoteIp
string
- at
- title
string
- type
string
- locale
string
- enabled
boolean
- identityProvider
object
- properties
object
-
- id
string
- type
string
- id
- lifecycle
object
- properties
object
-
- status
string
- status
- createdAt
string
- verifyStatus
string
- nickname
string
- mfaEnabled
boolean
- id
string
- email
string
- emailVerified
boolean
- updatedAt
string
- address
object
- properties
object
-
- streetAddress
string
- locality
string
- region
string
- postalCode
string
- countryCode
string
- streetAddress
- externalId
string
- photo
object
- properties
object
-
- href
string
- href
- population
object
- properties
object
-
- id
string
- id
- primaryPhone
string
- accountId
string
- mobilePhone
string
- name
object
- properties
object
-
- formatted
string
- given
string
- middle
string
- family
string
- honorificPrefix
string
- honorificSuffix
string
- formatted
- account
object
- properties
object
-
- canAuthenticate
boolean
- status
string
- lockedAt
string
- secondsUntilUnlock
string
- unlockAt
string
- canAuthenticate
- username
string
-
- rawResponse
object
- properties
object
- rawResponse
- preferredLanguage
string
- timezone
string
- lastSignOn
object
- properties
object
-
- at
string
- remoteIp
string
- at
- title
string
- type
string
- locale
string
- enabled
boolean
- identityProvider
object
- properties
object
-
- id
string
- type
string
- id
- lifecycle
object
- properties
object
-
- status
string
- status
- createdAt
string
- verifyStatus
string
- nickname
string
- mfaEnabled
boolean
- id
string
- email
string
- emailVerified
boolean
- updatedAt
string
- address
object
- properties
object
-
- streetAddress
string
- locality
string
- region
string
- postalCode
string
- countryCode
string
- streetAddress
- externalId
string
- photo
object
- properties
object
-
- href
string
- href
- population
object
- properties
object
-
- id
string
- id
- primaryPhone
string
- accountId
string
- mobilePhone
string
- name
object
- properties
object
-
- formatted
string
- given
string
- middle
string
- family
string
- honorificPrefix
string
- honorificSuffix
string
- formatted
- account
object
- properties
object
-
- canAuthenticate
boolean
- status
string
- lockedAt
string
- secondsUntilUnlock
string
- unlockAt
string
- canAuthenticate
- username
string
-
- headers
object
- statusCode
integer
- headers
- Delete User
-
Delete users.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Input Schema
- default
object
- Identifier
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- Output Schema
-
- output
object
- output
- rawResponse
object
- headers
object
- statusCode
integer
- Update User Status
-
Enable or disable user accounts.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Enable User
toggleSwitch
-
Enable or disable the user’s account.
- Input Schema
- default
object
- Identifier
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- enabled
boolean
required
-
Enable Status Of User
- Output Schema
-
- output
object
- output
- user
object
- properties
object
-
- enabled
boolean
- enabled
- rawResponse
object
- properties
object
-
- enabled
boolean
- enabled
- headers
object
- statusCode
integer
- Send Email Verification Code
-
Send a verification code to the user that can be used to verify their email.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Input Schema
- default
object
- Identifier
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- Output Schema
-
- output
object
- output
- user
object
- properties
object
-
- preferredLanguage
string
- timezone
string
- lastSignOn
object
- properties
object
-
- at
string
- remoteIp
string
- at
- title
string
- type
string
- locale
string
- enabled
boolean
- identityProvider
object
- properties
object
-
- id
string
- type
string
- id
- lifecycle
object
- properties
object
-
- status
string
- status
- createdAt
string
- verifyStatus
string
- nickname
string
- mfaEnabled
boolean
- id
string
- email
string
- emailVerified
boolean
- updatedAt
string
- address
object
- properties
object
-
- streetAddress
string
- locality
string
- region
string
- postalCode
string
- countryCode
string
- streetAddress
- externalId
string
- photo
object
- properties
object
-
- href
string
- href
- population
object
- properties
object
-
- id
string
- id
- primaryPhone
string
- accountId
string
- mobilePhone
string
- name
object
- properties
object
-
- formatted
string
- given
string
- middle
string
- family
string
- honorificPrefix
string
- honorificSuffix
string
- formatted
- account
object
- properties
object
-
- canAuthenticate
boolean
- status
string
- lockedAt
string
- secondsUntilUnlock
string
- unlockAt
string
- canAuthenticate
- username
string
- preferredLanguage
- rawResponse
object
- properties
object
-
- preferredLanguage
string
- timezone
string
- lastSignOn
object
- properties
object
-
- at
string
- remoteIp
string
- at
- title
string
- type
string
- locale
string
- enabled
boolean
- identityProvider
object
- properties
object
-
- id
string
- type
string
- id
- lifecycle
object
- properties
object
-
- status
string
- status
- createdAt
string
- verifyStatus
string
- nickname
string
- mfaEnabled
boolean
- id
string
- email
string
- emailVerified
boolean
- updatedAt
string
- address
object
- properties
object
-
- streetAddress
string
- locality
string
- region
string
- postalCode
string
- countryCode
string
- streetAddress
- externalId
string
- photo
object
- properties
object
-
- href
string
- href
- population
object
- properties
object
-
- id
string
- id
- primaryPhone
string
- accountId
string
- mobilePhone
string
- name
object
- properties
object
-
- formatted
string
- given
string
- middle
string
- family
string
- honorificPrefix
string
- honorificSuffix
string
- formatted
- account
object
- properties
object
-
- canAuthenticate
boolean
- status
string
- lockedAt
string
- secondsUntilUnlock
string
- unlockAt
string
- canAuthenticate
- username
string
- preferredLanguage
- headers
object
- statusCode
integer
- Validate Verification Code
-
Verifies the provided code that was sent to a user’s email during account creation.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Verification Code
textField
-
The code emailed to the user to verify their email address.
- Input Schema
- default
object
- Identifier
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- verificationCode
string
required
minLength: 0
maxLength: 100
-
Code to verify a user’s account
- Output Schema
-
- output
object
- output
- user
object
- properties
object
-
- preferredLanguage
string
- timezone
string
- lastSignOn
object
- properties
object
-
- at
string
- remoteIp
string
- at
- title
string
- type
string
- locale
string
- enabled
boolean
- identityProvider
object
- properties
object
-
- id
string
- type
string
- id
- lifecycle
object
- properties
object
-
- status
string
- status
- createdAt
string
- verifyStatus
string
- nickname
string
- mfaEnabled
boolean
- id
string
- email
string
- emailVerified
boolean
- updatedAt
string
- address
object
- properties
object
-
- streetAddress
string
- locality
string
- region
string
- postalCode
string
- countryCode
string
- streetAddress
- externalId
string
- photo
object
- properties
object
-
- href
string
- href
- population
object
- properties
object
-
- id
string
- id
- primaryPhone
string
- accountId
string
- mobilePhone
string
- name
object
- properties
object
-
- formatted
string
- given
string
- middle
string
- family
string
- honorificPrefix
string
- honorificSuffix
string
- formatted
- account
object
- properties
object
-
- canAuthenticate
boolean
- status
string
- lockedAt
string
- secondsUntilUnlock
string
- unlockAt
string
- canAuthenticate
- username
string
- preferredLanguage
- rawResponse
object
- headers
object
- statusCode
integer
- Send Password Recovery Code
-
Send recovery codes to users' email addresses to recover forgotten passwords.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Input Schema
- default
object
- Identifier
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- Output Schema
-
- output
object
- output
- passwordState
object
- properties
object
-
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- passwordPolicy
object
- properties
object
-
- id
string
- id
- warnings
object
- properties
object
-
- expires
string
- noChangeUntil
string
- failuresRemaining
number
- expires
- status
string
- lastChangedAt
string
- environment
- rawResponse
object
- properties
object
-
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- passwordPolicy
object
- properties
object
-
- id
string
- id
- warnings
object
- properties
object
-
- expires
string
- noChangeUntil
string
- failuresRemaining
number
- expires
- status
string
- lastChangedAt
string
- environment
- headers
object
- statusCode
integer
- Validate Password Recovery Code
-
Validate recovery codes and allow users to reset their passwords.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Recovery Code
textField
-
The code to validate.
- New Password
textField
-
The user’s new password.
- Input Schema
- default
object
- Identifier
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- recoveryCode
string
required
- newPassword
string
required
minLength: 1
-
- Output Schema
-
- output
object
- output
- passwordState
object
- properties
object
-
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- passwordPolicy
object
- properties
object
-
- id
string
- id
- warnings
object
- properties
object
-
- expires
string
- noChangeUntil
string
- failuresRemaining
number
- expires
- status
string
- lastChangedAt
string
- environment
- rawResponse
object
- properties
object
-
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- passwordPolicy
object
- properties
object
-
- id
string
- id
- warnings
object
- properties
object
-
- expires
string
- noChangeUntil
string
- failuresRemaining
number
- expires
- status
string
- lastChangedAt
string
- environment
- headers
object
- statusCode
integer
- Change Password
-
Change a user’s password to a new password using their current password for validation.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Current Password
textField
-
The user’s current password.
- New Password
textField
-
The user’s new password.
- Input Schema
- default
object
- Identifier
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- newPassword
string
required
minLength: 1
- currentPassword
string
minLength: 1
-
- Output Schema
-
- output
object
- output
- passwordState
object
- properties
object
-
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- passwordPolicy
object
- properties
object
-
- id
string
- id
- warnings
object
- properties
object
-
- expires
string
- noChangeUntil
string
- failuresRemaining
number
- expires
- status
string
- lastChangedAt
string
- environment
- rawResponse
object
- properties
object
-
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- passwordPolicy
object
- properties
object
-
- id
string
- id
- warnings
object
- properties
object
-
- expires
string
- noChangeUntil
string
- failuresRemaining
number
- expires
- status
string
- lastChangedAt
string
- environment
- headers
object
- statusCode
integer
- Set Password
-
Set a user’s password, optionally forcing the user to change password at next login.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Password Value
textField
-
The user’s new password, which can be in a cleartext or pre-encoded format.
- Force Change Password
toggleSwitch
-
Indicate whether the user must change their password the next time they sign on.
- Bypass PingOne Password Policy
toggleSwitch
-
Indicate whether the password policy used to authenticate the user’s population should be ignored.
- Input Schema
- default
object
- Identifier
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- passwordValue
string
required
minLength: 1
- forceChange
boolean
- bypassPolicy
boolean
-
- Output Schema
-
- output
object
- output
- passwordState
object
- properties
object
-
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- passwordPolicy
object
- properties
object
-
- id
string
- id
- warnings
object
- properties
object
-
- expires
string
- noChangeUntil
string
- failuresRemaining
number
- expires
- status
string
- lastChangedAt
string
- environment
- rawResponse
object
- properties
object
-
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- passwordPolicy
object
- properties
object
-
- id
string
- id
- warnings
object
- properties
object
-
- expires
string
- noChangeUntil
string
- failuresRemaining
number
- expires
- status
string
- lastChangedAt
string
- environment
- headers
object
- statusCode
integer
- Create Account Link
-
Create an account link for a user.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- External ID
textField
-
ID of a user at an identity provider.
- Identity Provider
dropDown
-
The name of the PingOne Identity Provider.
- Identifier
-
Use Identity Provider ID (Default)
- Identity Provider ID
textField
-
ID of the PingOne Identity Provider.
- Input Schema
- default
object
- Identity Provider ID
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- identityProvider
string
required
minLength: 0
maxLength: 100
-
The id of the identity provider the account link is for
- identityProviderId
string
minLength: 0
maxLength: 100
-
The id of the identity provider the account link is for
- externalId
string
required
minLength: 0
maxLength: 3000
-
The id of the account at the identity provider
- Output Schema
-
- output
object
- output
- id
string
- environment
object
- properties
object
-
- id
string
- id
- identityProvider
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- externalId
string
- Read Account Links
-
Reads account links for a user
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Input Schema
- default
object
- Identifier
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- Output Schema
-
- output
object
- output
- linkedAccounts
array
- items
array
-
- type
object
- properties
- type
- rawResponse
object
- properties
object
-
- _embedded
object
- properties
object
-
- linkedAccounts
array
- items
array
- linkedAccounts
- _embedded
- type
object
- properties
-
- count
number
- size
number
- count
- headers
object
- statusCode
integer
- Delete Account Link
-
Delete a users account link
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Account link ID
textField
-
ID of the account link.
- Input Schema
- default
object
- Identifier
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- accountLinkId
string
required
minLength: 0
maxLength: 100
-
Account link ID
- Output Schema
-
- output
object
- output
- headers
object
- statusCode
integer
- Check User Agreement
-
Indicate whether users need to accept or sign agreements before proceeding.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Agreement
dropDown
-
The name of the agreement.
- Identifier
-
Use Agreement ID (Default)
- Agreement ID
textField
-
A unique identifier for the agreement the user has accepted or signed.
- Accept Language
textField
-
The language in which the agreement is written and indicated by an IEFT BCP 47 language tag, such as "en-US" or "az-Arab".
- Input Schema
- default
object
- Agreement ID
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- agreementId
string
minLength: 0
maxLength: 100
-
Agreement ID
- acceptLanguage
string
minLength: 0
maxLength: 100
-
BCP 47 Language tag used as Accept-Language header
- Output Schema
-
- output
object
- output
- agreementPresentation
object
- properties
object
-
- agreementPresentationId
string
- agreementText
string
- agreementTitle
string
- agreementAcceptCheckboxText
string
- agreementContinueButtonText
string
- agreementDeclineButtonText
string
- agreementPresentationId
- userAgreement
object
- properties
object
-
- _embedded
object
- properties
object
-
- agreement
object
- properties
object
- agreement
- _embedded
- id
string
- name
string
- environment
object
- properties
object
-
- id
string
- id
- reconsentPeriodDays
number
- totalConsents
number
- totalExpiredConsents
number
- consentsAggregatedAt
string
- enabled
boolean
-
- revision
object
- properties
object
- revision
- id
string
- environment
object
- properties
object
-
- id
string
- id
- effectiveAt
string
- contentType
string
- requireReconsent
boolean
-
- language
object
- properties
object
- language
- userExperience
object
- properties
object
-
- acceptCheckboxText
string
- continueButtonText
string
- declineButtonText
string
- acceptCheckboxText
- id
string
- environment
object
- properties
object
-
- id
string
- id
- displayName
string
- locale
string
- enabled
boolean
-
- lastConsent
object
- properties
object
-
- id
string
- expiresAt
string
- revision
object
- properties
object
- id
- lastConsent
- id
string
-
- language
object
- properties
object
- language
- id
string
-
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- status
string
- id
- rawResponse
object
- properties
object
-
- _embedded
object
- properties
object
-
- agreement
object
- properties
object
- agreement
- _embedded
- id
string
- name
string
- environment
object
- properties
object
-
- id
string
- id
- reconsentPeriodDays
number
- totalConsents
number
- totalExpiredConsents
number
- consentsAggregatedAt
string
- enabled
boolean
-
- revision
object
- properties
object
- revision
- id
string
- environment
object
- properties
object
-
- id
string
- id
- effectiveAt
string
- contentType
string
- requireReconsent
boolean
-
- language
object
- properties
object
- language
- userExperience
object
- properties
object
-
- acceptCheckboxText
string
- continueButtonText
string
- declineButtonText
string
- acceptCheckboxText
- id
string
- environment
object
- properties
object
-
- id
string
- id
- displayName
string
- locale
string
- enabled
boolean
-
- lastConsent
object
- properties
object
-
- id
string
- expiresAt
string
- revision
object
- properties
object
- id
- lastConsent
- id
string
-
- language
object
- properties
object
- language
- id
string
-
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- status
string
- id
- headers
object
- statusCode
integer
- Read User Agreements
-
Find information about agreements users have accepted or signed.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Accept Language
textField
-
The language in which the agreement is written and indicated by an IEFT BCP 47 language tag, such as "en-US" or "az-Arab".
- Input Schema
- default
object
- Identifier
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- acceptLanguage
string
minLength: 0
maxLength: 100
-
BCP 47 Language tag used as Accept-Language header
- Output Schema
-
- output
object
- output
- userAgreements
array
- items
array
-
- type
object
- properties
- type
- rawResponse
object
- properties
object
-
- _embedded
object
- properties
object
-
- userAgreements
array
- items
array
- userAgreements
- _embedded
- type
object
- properties
-
- count
number
- size
number
- count
- headers
object
- statusCode
integer
- Revoke User Agreement
-
Revoke agreements users have accepted or signed.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Agreement
dropDown
-
The name of the agreement.
- Identifier
-
Use Agreement ID (Default)
- Agreement ID
textField
-
A unique identifier for the agreement the user has accepted or signed.
- Accept Language
textField
-
The language in which the agreement is written and indicated by an IEFT BCP 47 language tag, such as "en-US" or "az-Arab".
- Input Schema
- default
object
- Agreement ID
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- agreementId
string
minLength: 0
maxLength: 100
-
Agreement ID
- acceptLanguage
string
minLength: 0
maxLength: 100
-
BCP 47 Language tag used as Accept-Language header
- Output Schema
-
- output
object
- output
- userAgreement
object
- properties
object
-
- _embedded
object
- properties
object
-
- agreement
object
- properties
object
- agreement
- _embedded
- id
string
- name
string
- environment
object
- properties
object
-
- id
string
- id
- reconsentPeriodDays
number
- totalConsents
number
- totalExpiredConsents
number
- consentsAggregatedAt
string
- enabled
boolean
-
- revision
object
- properties
object
- revision
- id
string
- environment
object
- properties
object
-
- id
string
- id
- effectiveAt
string
- contentType
string
- requireReconsent
boolean
-
- language
object
- properties
object
- language
- userExperience
object
- properties
object
-
- acceptCheckboxText
string
- continueButtonText
string
- declineButtonText
string
- acceptCheckboxText
- id
string
- environment
object
- properties
object
-
- id
string
- id
- displayName
string
- locale
string
- enabled
boolean
-
- lastConsent
object
- properties
object
-
- id
string
- expiresAt
string
- revision
object
- properties
object
- id
- lastConsent
- id
string
-
- language
object
- properties
object
- language
- id
string
-
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- status
string
- id
- rawResponse
object
- properties
object
-
- _embedded
object
- properties
object
-
- agreement
object
- properties
object
- agreement
- _embedded
- id
string
- name
string
- environment
object
- properties
object
-
- id
string
- id
- reconsentPeriodDays
number
- totalConsents
number
- totalExpiredConsents
number
- consentsAggregatedAt
string
- enabled
boolean
-
- revision
object
- properties
object
- revision
- id
string
- environment
object
- properties
object
-
- id
string
- id
- effectiveAt
string
- contentType
string
- requireReconsent
boolean
-
- language
object
- properties
object
- language
- userExperience
object
- properties
object
-
- acceptCheckboxText
string
- continueButtonText
string
- declineButtonText
string
- acceptCheckboxText
- id
string
- environment
object
- properties
object
-
- id
string
- id
- displayName
string
- locale
string
- enabled
boolean
-
- lastConsent
object
- properties
object
-
- id
string
- expiresAt
string
- revision
object
- properties
object
- id
- lastConsent
- id
string
-
- language
object
- properties
object
- language
- id
string
-
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- status
string
- id
- headers
object
- statusCode
integer
- Accept User Agreement
-
Accept user agreements.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Agreement Presentation ID
textField
-
The unique identifier for the agreement information to ensure the correct agreement revision and language is being accepted.
- Input Schema
- default
object
- Identifier
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- agreementPresentationId
string
required
-
Read User Agreement and Read Agreement capabilities generate this id in their agreement presentation output.
- Output Schema
-
- output
object
- output
- userAgreement
object
- properties
object
-
- _embedded
object
- properties
object
-
- agreement
object
- properties
object
- agreement
- _embedded
- id
string
- name
string
- environment
object
- properties
object
-
- id
string
- id
- reconsentPeriodDays
number
- totalConsents
number
- totalExpiredConsents
number
- consentsAggregatedAt
string
- enabled
boolean
-
- revision
object
- properties
object
- revision
- id
string
- environment
object
- properties
object
-
- id
string
- id
- effectiveAt
string
- contentType
string
- requireReconsent
boolean
-
- language
object
- properties
object
- language
- userExperience
object
- properties
object
-
- acceptCheckboxText
string
- continueButtonText
string
- declineButtonText
string
- acceptCheckboxText
- id
string
- environment
object
- properties
object
-
- id
string
- id
- displayName
string
- locale
string
- enabled
boolean
-
- lastConsent
object
- properties
object
-
- id
string
- expiresAt
string
- revision
object
- properties
object
- id
- lastConsent
- id
string
-
- language
object
- properties
object
- language
- id
string
-
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- status
string
- id
- rawResponse
object
- properties
object
-
- _embedded
object
- properties
object
-
- agreement
object
- properties
object
- agreement
- _embedded
- id
string
- name
string
- environment
object
- properties
object
-
- id
string
- id
- reconsentPeriodDays
number
- totalConsents
number
- totalExpiredConsents
number
- consentsAggregatedAt
string
- enabled
boolean
-
- revision
object
- properties
object
- revision
- id
string
- environment
object
- properties
object
-
- id
string
- id
- effectiveAt
string
- contentType
string
- requireReconsent
boolean
-
- language
object
- properties
object
- language
- userExperience
object
- properties
object
-
- acceptCheckboxText
string
- continueButtonText
string
- declineButtonText
string
- acceptCheckboxText
- id
string
- environment
object
- properties
object
-
- id
string
- id
- displayName
string
- locale
string
- enabled
boolean
-
- lastConsent
object
- properties
object
-
- id
string
- expiresAt
string
- revision
object
- properties
object
- id
- lastConsent
- id
string
-
- language
object
- properties
object
- language
- id
string
-
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- status
string
- id
- headers
object
- statusCode
integer
- Read Agreement Content
-
Find information about the agreement content.
Show details
- Details
-
- Properties
-
- Agreement
dropDown
- Agreement
The name of the agreement.
-
Use Agreement ID (Default)
- Agreement ID
textField
-
A unique identifier for the agreement the user has accepted or signed.
- Accept Language
textField
-
The language in which the agreement is written and indicated by an IEFT BCP 47 language tag, such as "en-US" or "az-Arab".
- User Locale
textField
-
The user’s location, which determines the language in which the agreement is written and indicated by an IEFT BCP 47 language tag, such as "en-US" or "az-Arab".
- Input Schema
- default
object
- Agreement ID
- agreementId
string
minLength: 0
maxLength: 100
-
Agreement ID
- acceptLanguage
string
minLength: 0
maxLength: 100
-
BCP 47 Language tag used as Accept-Language header
- userLocale
string
minLength: 0
maxLength: 100
-
User Locale
- Output Schema
-
- output
object
- output
- agreementPresentation
object
- properties
object
-
- agreementPresentationId
string
- agreementText
string
- agreementTitle
string
- agreementAcceptCheckboxText
string
- agreementContinueButtonText
string
- agreementDeclineButtonText
string
- agreementPresentationId
- userAgreement
object
- properties
object
-
- _embedded
object
- properties
object
-
- agreement
object
- properties
object
- agreement
- _embedded
- id
string
- name
string
- environment
object
- properties
object
-
- id
string
- id
- reconsentPeriodDays
number
- totalConsents
number
- totalExpiredConsents
number
- consentsAggregatedAt
string
- enabled
boolean
-
- revision
object
- properties
object
- revision
- id
string
- environment
object
- properties
object
-
- id
string
- id
- effectiveAt
string
- contentType
string
- requireReconsent
boolean
-
- language
object
- properties
object
- language
- userExperience
object
- properties
object
-
- acceptCheckboxText
string
- continueButtonText
string
- declineButtonText
string
- acceptCheckboxText
- id
string
- environment
object
- properties
object
-
- id
string
- id
- displayName
string
- locale
string
- enabled
boolean
-
- lastConsent
object
- properties
object
-
- id
string
- expiresAt
string
- revision
object
- properties
object
- id
- lastConsent
- id
string
-
- language
object
- properties
object
- language
- id
string
-
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- status
string
- id
- rawResponse
object
- properties
object
-
- _embedded
object
- properties
object
-
- agreement
object
- properties
object
- agreement
- _embedded
- id
string
- name
string
- environment
object
- properties
object
-
- id
string
- id
- reconsentPeriodDays
number
- totalConsents
number
- totalExpiredConsents
number
- consentsAggregatedAt
string
- enabled
boolean
-
- revision
object
- properties
object
- revision
- id
string
- environment
object
- properties
object
-
- id
string
- id
- effectiveAt
string
- contentType
string
- requireReconsent
boolean
-
- language
object
- properties
object
- language
- userExperience
object
- properties
object
-
- acceptCheckboxText
string
- continueButtonText
string
- declineButtonText
string
- acceptCheckboxText
- id
string
- environment
object
- properties
object
-
- id
string
- id
- displayName
string
- locale
string
- enabled
boolean
-
- lastConsent
object
- properties
object
-
- id
string
- expiresAt
string
- revision
object
- properties
object
- id
- lastConsent
- id
string
-
- language
object
- properties
object
- language
- id
string
-
- id
string
- environment
object
- properties
object
-
- id
string
- id
- user
object
- properties
object
-
- id
string
- id
- status
string
- id
- headers
object
- statusCode
integer
- Read Population
-
Find population information.
Show details
- Details
-
- Properties
-
- Population
dropDown
- Population
The name of the population.
-
Use Population ID (Default)
- Population ID
textField
-
The unique identifier for the population.
- Population ID
-
Use Alternative ID
- Alternative ID
textField
-
Enter an Alternative Identifier to look for populations.
- Input Schema
- default
object
- Alternative ID
- population
string
required
minLength: 0
maxLength: 100
-
Population
- alternativeIdentifier
string
minLength: 0
maxLength: 255
-
Alternative Identifier
- populationId
string
minLength: 0
maxLength: 100
-
Population ID
- Output Schema
-
- output
object
- output
- population
object
- properties
object
-
- id
string
- name
string
- description
string
- userCount
number
- createdAt
string
- updatedAt
string
- passwordPolicy
object
- properties
object
-
- id
string
- id
- defaultIdentityProvider
object
- properties
object
-
- id
string
- type
string
- id
- id
- alternativeIdentifiers
array
-
- items
array
- type
string
- maxLength
maxLenth 255
- items
- theme
object
-
- properties
object
- id
string
- properties
- populations
array
-
- items
array
- type
object
population
-
- Properties
- items
- rawResponse
object
- properties
object
-
- id
string
- name
string
- description
string
- userCount
number
- createdAt
string
- updatedAt
string
- passwordPolicy
object
- properties
object
-
- id
string
- id
- defaultIdentityProvider
object
- properties
object
-
- id
string
- type
string
- id
- id
- alternativeIdentifiers
array
-
- items
array
- type
string
- maxLength
maxLenth 255
- items
- theme
object
-
- properties
object
- id
string
- properties
- headers
object
- statusCode
integer
- Read User Group Memberships
-
Find information about the groups to which users belong.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Input Schema
- default
object
- Identifier
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- Output Schema
-
- output
object
- output
- groupMemberships
array
- items
array
-
- type
object
- properties
\{"type":"string"}
- type
- rawResponse
object
- properties
object
-
- _embedded
object
- properties
object
-
- groupMemberships
array
- items
array
- groupMemberships
- _embedded
- type
object
- properties
\{"type":"string"}
-
- count
number
- size
number
- count
- headers
object
- statusCode
integer
- Create User Group Membership
-
Add a user to a group.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Group
dropDown
-
The name of the group.
- Identifier
-
Use Group ID (Default)
- Group ID
textField
-
The unique identifier for the group.
- Input Schema
- default
object
- Group ID
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- groupId
string
minLength: 0
maxLength: 100
-
Group ID
- groupName
string
- description
string
- externalId
string
- userFilter
string
-
SCIM filter for users
- memberGroupRelationship
boolean
- customData
object
-
- Output Schema
-
- output
object
- output
- groupMembership
object
- properties
object
-
- id
string
- name
string
- population
object
- properties
object
-
- id
string
- id
- type
string
- id
- rawResponse
object
- properties
object
-
- groupMembership
object
- properties
object
-
- id
string
- name
string
- population
object
- properties
object
- id
- groupMembership
- id
string
-
- type
string
- type
- headers
object
- statusCode
integer
- Delete User Group Membership
-
Remove a user from a group.
Show details
- Details
-
- Properties
-
- PingOne Attribute
dropDown
- PingOne Attribute
Select the attribute that you want to match against the provided identifier to find a user.
-
User ID (Default)
-
Username
-
Email
- Identifier
textField
-
Enter the User ID, Username, or Email address of the user that you want to find.
- Group
dropDown
-
The name of the group.
- Identifier
-
Use Group ID (Default)
- Group ID
textField
-
The unique identifier for the group.
- Input Schema
- default
object
- Group ID
- matchAttribute
string
required
-
PingOne user attribute to identify a user with.
- identifier
string
required
-
User attribute to match attributes.
- groupId
string
minLength: 0
maxLength: 100
-
Group ID
- groupName
string
- description
string
- externalId
string
- userFilter
string
-
SCIM filter for users
- memberGroupRelationship
boolean
- customData
object
-
- Output Schema
-
- output
object
- output
- rawResponse
object
- headers
object
- statusCode
integer
- Migrate User through Gateway
-
Validate a user’s credentials and, if valid, migrate the user from a PingOne gateway to PingOne.
Show details
- Details
-
- Properties
-
- Username
textField
required
- Username
The user’s unique identifier in the PingOne gateway.
- Password
textField
required
-
The user’s password in the PingOne gateway.
- Gateway User Type List
variableInputList
required
-
The gateway and user type to target when validating the user’s credentials. These values are based on the gateways configured in your PingOne environment.
- Input Schema
- default
object
- usernameGateway
string
required
-
The user’s unique identifier in the PingOne gateway.
- passwordGateway
string
required
minLength: 4
maxLength: 100
-
The user’s password in the PingOne gateway.
- gatewayUserTypeList
array
required
minItems: 1
maxItems: 5
-
The gateway and user type to target when validating the user’s credentials. These values are based on the gateways configured in your PingOne environment.
- Output Schema
-
- output
object
- output
- rawResponse
object
- headers
object
- statusCode
integer
Create Group
Create a user group.
Show details
Properties
- Group Name
textField
required
-
The name of the group.
- Group Description
textArea
-
The description of the group.
- Dynamic User Filter
textField
-
A filter to automatically assign users to the group.
- Population
dropDown
-
The name of the population.
-
Use Population ID (Default)
-
- Population ID
textField
-
The unique identifier for the population.
Input Schema
- Edit Metadata Properties JSON
toggleSwitch
- Metadata Properties
keyValueList
-
This input will overwrite the current metadata for the group.
- Metadata Properties
textArea
-
This input will overwrite the current metadata for the group.
- default
object
- groupId
string
- groupName
string
required
- description
string
- externalId
string
- userFilter
string
-
SCIM filter for users
- memberGroupRelationship
boolean
- customData
object
- Output Schema
- output
object
- group
object
- properties
object
- id
string
-
- environment
object
- properties
object
- environment
- id
string
-
- customData
object
- population
object
- properties
object
- customData
- id
string
-
- name
string
- description
string
- isExternal
string
- externalId
string
- userFilter
string
- createdAt
string
- updatedAt
string
- name
- rawResponse
object
- properties
object
-
- id
string
- environment
object
- properties
object
- id
- id
string
-
- customData
object
- population
object
- properties
object
- customData
- id
string
-
- name
string
- description
string
- isExternal
string
- externalId
string
- userFilter
string
- createdAt
string
- updatedAt
string
- name
- headers
object
- statusCode
integer
- Read Group
-
Read a user group.
Show details
- Details
-
- Properties
-
- Group ID
textField
- Group ID
The unique identifier for the group.
- Input Schema
-
- default
object
- default
- groupId
string
required
minLength: 0
maxLength: 100
-
Group ID
- Output Schema
-
- output
object
- output
- group
object
- properties
object
-
- id
string
- environment
object
- properties
object
-
- id
string
- id
- customData
object
- population
object
- properties
object
-
- id
string
- id
- name
string
- description
string
- isExternal
string
- externalId
string
- userFilter
string
- createdAt
string
- updatedAt
string
- id
- rawResponse
object
- properties
object
-
- id
string
- environment
object
- properties
object
-
- id
string
- id
- customData
object
- population
object
- properties
object
-
- id
string
- id
- name
string
- description
string
- isExternal
string
- externalId
string
- userFilter
string
- createdAt
string
- updatedAt
string
- id
- headers
object
- statusCode
integer
- Update Group
-
Update a user group.
Show details
- Details
-
- Properties
-
- Group ID
textField
- Group ID
The unique identifier for the group.
- Group Name
textField
required
-
The name of the group.
- Group Description
textArea
-
The description of the group.
- Dynamic User Filter
textField
-
A filter to automatically assign users to the group.
- Edit Metadata Properties JSON
toggleSwitch
- Metadata Properties
keyValueList
This input will overwrite the current metadata for the group.
- Metadata Properties
textArea
-
This input will overwrite the current metadata for the group.
- Input Schema
- default
object
-
- groupId
string
required
- groupName
string
required
- description
string
- externalId
string
- userFilter
string
- groupId
SCIM filter for users
- memberGroupRelationship
boolean
- customData
object
-
- Output Schema
-
- output
object
- output
- group
object
- properties
object
-
- id
string
- environment
object
- properties
object
-
- id
string
- id
- customData
object
- population
object
- properties
object
-
- id
string
- id
- name
string
- description
string
- isExternal
string
- externalId
string
- userFilter
string
- createdAt
string
- updatedAt
string
- id
- rawResponse
object
- properties
object
-
- id
string
- environment
object
- properties
object
-
- id
string
- id
- customData
object
- population
object
- properties
object
-
- id
string
- id
- name
string
- description
string
- isExternal
string
- externalId
string
- userFilter
string
- createdAt
string
- updatedAt
string
- id
- headers
object
- statusCode
integer
- Delete Group
-
Delete a user group.
Show details
- Details
-
- Properties
-
- Group ID
textField
- Group ID
The unique identifier for the group.
- Input Schema
-
- default
object
- default
- groupId
string
required
minLength: 0
maxLength: 100
-
Group ID
- Output Schema
-
- output
object
- output
- rawResponse
object
- headers
object
- statusCode
integer
- Read Group Members
-
Read up to 100 members of a group.
Show details
- Details
-
- Properties
-
- Group ID
textField
- Group ID
The unique identifier for the group.
- PingOne Attributes
textFieldArrayView
-
Enter the PingOne attributes you want to use to find a user, such as username, userID, or email.
- Identifier
textField
-
Enter the identifier, which was captured earlier in the flow, that you want to use to find a user. For example, if the attributes specified are email and username, and the identifier is username, the system will search for users whose email or username match the value captured under username.
- Direct Member Relationship
toggleSwitch
-
The output will only include members that are directly assigned to the group, instead of including any members assigned by a filter.
- Input Schema
- default
object
- groupId
string
required
minLength: 0
maxLength: 100
-
Group ID
- Output Schema
-
- output
object
- output
- matchedUsers
array
- items
array
-
- type
object
- properties
\{"type":"string"}
- type
- count
integer
- rawResponse
object
- properties
object
-
- _embedded
object
- properties
object
-
- matchedUsers
array
- items
array
- matchedUsers
- _embedded
- type
object
- properties
\{"type":"string"}
-
- count
integer
- count
- headers
object
- statusCode
integer
- Authenticate User via Kerberos
-
Authenticate Active Directory users seamlessly via the Kerberos protocol.
Show details
- Details
-
- Properties
-
- Gateway
dropDown
required
- Gateway
Select the gateway that connects to the Active Directory servers where the users are located.
- User Type
dropDown
required
-
Select the user type through which the users can be found.
Default:
useUserTypeId
- Create PingOne User
toggleSwitch
-
When enabled, DaVinci creates a PingOne user account using attributes from Active Directory. Disable this to support a legacy integration where DaVinci is configured as an External IdP in PingOne.
- Input Schema
- default
object
-
- gatewayId
string
required
- gatewayId
Gateway Id
- userTypeId
string
required
-
User Type ID
- createUserIfNotFound
boolean
-
- Output Schema
-
- output
object
- output
- user
object
- properties
object
-
- id
string
- username
string
- environment
object
- properties
object
-
- id
string
- id
- population
object
- properties
object
-
- id
string
- id
- id
- rawResponse
object
- statusCode
number
- headers
object
- Unlock User
-
Unlock a user by their user ID.
Show details
- Details
-
- Properties
-
- User ID
textField
- User ID
ID of the User.
- Input Schema
-
- default
object
- default
- userId
string
required
-
- Output Schema
-
- output
object
- output
- user
object
- properties
object
-
- preferredLanguage
string
- timezone
string
- lastSignOn
object
- properties
object
-
- at
string
- remoteIp
string
- at
- title
string
- type
string
- locale
string
- enabled
boolean
- identityProvider
object
- properties
object
-
- id
string
- type
string
- id
- lifecycle
object
- properties
object
-
- status
string
- status
- createdAt
string
- verifyStatus
string
- nickname
string
- mfaEnabled
boolean
- id
string
- email
string
- emailVerified
boolean
- updatedAt
string
- address
object
- properties
object
-
- streetAddress
string
- locality
string
- region
string
- postalCode
string
- countryCode
string
- streetAddress
- externalId
string
- photo
object
- properties
object
-
- href
string
- href
- population
object
- properties
object
-
- id
string
- id
- primaryPhone
string
- accountId
string
- mobilePhone
string
- name
object
- properties
object
-
- formatted
string
- given
string
- middle
string
- family
string
- honorificPrefix
string
- honorificSuffix
string
- formatted
- account
object
- properties
object
-
- canAuthenticate
boolean
- status
string
- lockedAt
string
- secondsUntilUnlock
string
- unlockAt
string
- canAuthenticate
- username
string
- preferredLanguage
- rawResponse
object
- properties
object
-
- preferredLanguage
string
- timezone
string
- lastSignOn
object
- properties
object
-
- at
string
- remoteIp
string
- at
- title
string
- type
string
- locale
string
- enabled
boolean
- identityProvider
object
- properties
object
-
- id
string
- type
string
- id
- lifecycle
object
- properties
object
-
- status
string
- status
- createdAt
string
- verifyStatus
string
- nickname
string
- mfaEnabled
boolean
- id
string
- email
string
- emailVerified
boolean
- updatedAt
string
- address
object
- properties
object
-
- streetAddress
string
- locality
string
- region
string
- postalCode
string
- countryCode
string
- streetAddress
- externalId
string
- photo
object
- properties
object
-
- href
string
- href
- population
object
- properties
object
-
- id
string
- id
- primaryPhone
string
- accountId
string
- mobilePhone
string
- name
object
- properties
object
-
- formatted
string
- given
string
- middle
string
- family
string
- honorificPrefix
string
- honorificSuffix
string
- formatted
- account
object
- properties
object
-
- canAuthenticate
boolean
- status
string
- lockedAt
string
- secondsUntilUnlock
string
- unlockAt
string
- canAuthenticate
- username
string
- preferredLanguage
- headers
object
- statusCode
integer