PingOne DaVinci

Invoking the flow

To launch the flow, construct a link with the PingOne details and add it to the resource that will launch the flow.

Steps

  1. In the resource that will launch the flow, such as your organization’s web application, add a call to your PingOne application using the following format:

    https://auth.pingone.com/<Environment ID>/as/authorize?response_type=<response type>
     &client_id=<client ID>
     &redirect_uri=<redirect URI>
     &scope=<scope>
     &acr_values=<Flow Policy ID>
     &<other parameter>=<value>

    The following parameters are used in the call:

    Table 1. Parameters
    Parameter Required Description Location

    Environment ID

    Yes

    The Company ID of the DaVinci application.

    Available in DaVinci in the Company tab, or in the details section at the top of any flow or application.

    Response Type

    Yes

    The response type expected by the PingOne application.

    Available in PingOne under Applications → Applications. Click your application, then click the Configuration tab and find the Response Type field.

    Client ID

    Yes

    The PingOne application’s Client ID.

    Available in PingOne under Applications → Applications. Click your application, then click the Configuration tab and find the Client ID field.

    Redirect URI

    Yes

    A redirect URI configured in PingOne.

    Available in PingOne under Applications → Applications. Click your application, then click the Configuration tab and find the Redirect URIs field.

    Scope

    Yes

    The application request scope.

    Available in PingOne under Applications → Applications → Resources. Click your application, then click the Resources tab and find the Allowed Scopes section.

    Flow Policy ID

    No

    A policy that determines which flow and version is run.

    Available in DaVinci in the Applications tab. Select your application, then click the Flow Policy tab.

    Additional parameters

    No

    You can pass in additional parameters to make their values available during the flow.

    N/A

    You can reference the parameter values passed in with the invocation. The format is:

    global.parameters.authorizationRequest.<parameter name>

  2. If the user requires a token but the flow did not grant a token, make an API call to the PingOne token endpoint to grant the user a token. Use the PingOne token authentication code endpoint or the Pingone client credentials endpoint.