PingAuthorize

Using the tutorials

Use the tutorials to familiarize yourself with the capabilities of PingAuthorize dynamic authorization management by walking through the provided configuration exercises.

Before you begin

To complete these tutorials, you must:

The tutorials provide sample requests that use curl. However, you can use any program that can send HTTP request, such as wget or Postman.

Setting up your environment

About this task

To help you get started quickly with PingAuthorize, we provide Docker containers that have everything you need. Deploy these containers using Docker commands and then start using PingAuthorize.

Steps

  1. Clone the GitHub repository that contains the supporting source files.

    Replace the variable <X.X> with the first two digits of the PingAuthorize release you want to clone.

    git clone --branch  <X.X>  https://github.com/pingidentity/pingauthorize-tutorials && cd pingauthorize-tutorials

    This command places the files in the pingauthorize-tutorials directory and changes to that directory. The directory contains a docker-compose.yml file that defines the containers used in the tutorial.

    You shouldn’t need to modify this file or understand its contents to follow the tutorial steps. However, you might need to change some configuration values that the Docker Compose environment uses. The env-template.txt file contains various configuration values, including the default port definitions used by the Docker Compose containers.

  2. Copy the template to a new .env file at the root of the cloned repository and edit its contents using any text editor.

    cp env-template.txt .env
    vi .env

    You might not need to modify any values if all the default ports are available.

    You must still have an .env file in place for the environment to start.

Starting PingAuthorize

About this task

To start the Docker Compose environment:

Steps

  1. Go to the pingauthorize-tutorials directory you cloned in Setting up your environment.

  2. Run the following command.

    docker-compose up --detach

Verifying proper startup

About this task

The command shows the status of the containers started by the docker-compose command. Each of the four containers should initially have a status of starting. All four containers should reach an equilibrium state of healthy.

Steps

  • To verify that both PingAuthorize Server and Policy Editor started properly and are running, run the following command.

    docker container ls --format '{{ .Names }}: {{ .Status }}'

    It could take up to 15 minutes for all four containers to reach this equilibrium state.

  • If you have any issues, check the log files using the docker-compose logs command.

Accessing the GUIs

About this task

PingAuthorize has two GUIs:

  • Administrative console

  • Policy Editor

If you have problems connecting because of self-signed certificates, click Advanced or try a different browser.

Steps

  • Access either the administrative console or the Policy Editor.

    Choose from:

    • To make configuration changes to PingAuthorize Server, access the administrative console.

      Description Details

      URL

      Details to enter at sign-on

      • Server: pingauthorize:1636

      • Username: administrator

      • Password: 2FederateM0re

      If submitting the form results in a Server unavailable error, wait longer for the containers to reach an equilibrium healthy state, as described in Verifying proper startup.

    • To make and test policy changes, access the Policy Editor.

      This GUI calculates decision responses when you configure PingAuthorize to use the GUI as an external policy decision point.

      Description Details

      URL

      Details to enter at sign-on

      • User ID: admin

      • Password: password123

Stopping PingAuthorize

About this task

If you have completed the tutorials and no longer need the containers, run the following commands to stop and remove the containers.

To simplify the prerequisites for using Docker with this tutorial, all of the changes you make are lost when you destroy your Docker Compose environment. For standard installations, use persistent volumes to maintain data across container deployments.

Steps

  1. Go to the pingauthorize-tutorials directory you cloned in Setting up your environment.

  2. Run the following command.

    docker-compose down

About the tutorial configuration

We provide the following pre-configured Docker containers through the Docker Compose environment, so that you can develop policies immediately.

Container Description

pingauthorize

PingAuthorize Server

The server enforces the policies you define.

pingauthorizepap

PingAuthorize Policy Editor

Use this GUI to define the policies that determine access control and protect your data.

pingdirectory

PingDirectory

A directory of user information.

PingAuthorize doesn’t require PingDirectory.

However, some of the tutorials do use PingDirectory as an attribute provider. You can reference the attributes in your policies.

pingdataconsole

administrative console

Use this GUI to configure PingAuthorize.