PingAccess API endpoints

The following endpoints enable external applications to communicate with the PingAccess server and provide complete administrative capabilities of the product.

Heartbeat endpoint: Enables administrators to verify that the server is running.
OpenID Connect endpoints: Enables PingFederate or other token providers to interface with PingAccess using the OpenID Connect (OIDC) protocol.
Authentication Token Management endpoint: Enables protected applications to validate authentication tokens issued by a PingAccess identity mapping.
OAuth endpoint: Enables an OAuth authorization server (OAuth AS) to interface with PingAccess as an OAuth resource server.
Administrative API endpoints: Enables users to use PingAccess administrative functions. These are REST APIs that include documentation and testing tools.

Some endpoint examples in this document include the default application reserved path, /pa. You can modify the reserved path using the PingAccess Admin API. If you do, you must update endpoint and other applicable application URLs accordingly.

Similarly, if you select the Use context root as reserved resource base path check box on your PingAccess application, you must enter the context root of the application before the reserved path in endpoint and other applicable application URLs. For example, if the context root of your application is myApp and you haven’t modified the reserved path, use the path myApp/pa instead of /pa.

The features documented here are affected by the settings in the configuration file. For more information, see the Configuration file reference.