PingAccess

Authentication challenge responses

This table describes the authentication challenge responses generated by PingAccess, based on its configuration and properties of the request.

An authentication challenge response is an HTTP response sent to a user agent (such as a web browser) by PingAccess, telling the user agent that the corresponding request did not contain a valid authentication token. Some responses also provide instructions to the user agent to obtain a valid authentication token such as an HTTP redirect response containing an encoded OpenID Connect (OIDC) authentication request.

When onboarding new applications to PingAccess, the recommended configuration is SPA Support = Enabled, Request Preservation = POST and Fragment, and Fail on Unsupported Content Type = false, regardless of the behavior of the application. This configuration is displayed in the first table.

Recommended configurations
PingAccess configuration Request properties Response characteristics

SPA Support1

Request Preservation2

Fail on Unsupported Content Type3

Method

Content Type

Accept Header Field

Response Code

Body Content

Enabled

POST, POST and Fragment

Any

GET4

Any

NOT

application/json

401

HTML

Enabled

POST, POST and Fragment

Any

GET4

Any

application/json

401

JSON

Enabled

POST, POST and Fragment

false

POST

Any

NOT

application/json

401

HTML

Enabled

POST, POST and Fragment

false

POST

Any

application/json

401

JSON

1Configured on an application. In the Admin application programming interface (API), the field is spaSupportEnabled. In the UI, the field is SPA Support. See Adding an application for more information about this field.

2Configured on a web session. In the Admin API, the field is requestPreservationType. In the UI, the field is Request Preservation. See Creating web sessions for more information about this field.

3This option is only available through the Admin API.

4Any non-POST method receives the same response as a GET.

Additional configurations
PingAccess configuration Request properties Response characteristics

SPA Support1

Request Preservation2

Fail on Unsupported Content Type3

Method

Content Type

Accept Header Field

Response Code

Body Content

Disabled

None

Any

Any

Any

Any

302

None

Disabled

POST

Any

GET4

Any

Any

302

None

Disabled

POST

Any

POST

application/x-www-form-urlencoded

Any

200

HTML

Disabled

POST

false

POST

NOT

application/x-www-form-urlencoded

Any

302

None

Disabled

POST

true

POST

NOT

application/x-www-form-urlencoded

Any

415

HTML

Disabled

POST and Fragment

Any

GET4

Any

Any

200

HTML

Disabled

POST and Fragment

Any

POST

application/x-www-form-urlencoded

Any

200

HTML

Disabled

POST and Fragment

false

POST

NOT

application/x-www-form-urlencoded

Any

302

None

Disabled

POST and Fragment

true

POST

NOT

application/x-www-form-urlencoded

Any

415

HTML

Enabled

None

Any

Any

Any

NOT

application/json

401

HTML

Enabled

None

Any

Any

Any

application/json

401

JSON

Enabled

POST, POST and Fragment

true

POST

NOT

application/x-www-form-urlencoded

NOT

application/json

415

HTML

Enabled

POST, POST and Fragment

true

POST

application/x-www-form-urlencoded

NOT

application/json

401

HTML

Enabled

POST, POST and Fragment

true

POST

Any

application/json

401

JSON