PingAuthorize

JSON PDP API response format

After the Policy Decision Service determines a decision response, it hands the response back to the JSON PDP API to provide to the client. JSON PDP API responses include decisions, such as Permit or Deny, and any obligations or statements that matched during policy processing.

Individual response

The following example shows the correct JSON individual response format:

{
	"id": "12345678-90ab-cdef-1234-567890abcdef",
	"deploymentPackageId": "12345678-90ab-cdef-1234-567890abcdef",
	"timestamp": "2021-06-11T03:12:19.720485Z",
	"elapsedTime": 184024,
	"decision": "PERMIT",
	"authorized": true,
	"statements": [
		{
        	"id": "12345678-90ab-cdef-1234-567890abcdef",
        	"name": "Statement Name",
        	"code": "statement-code",
        	"payload": "{\"data\": \"some data\"}",
        	"obligatory": true,
        	"fulfilled": false,
        	"attributes": { }
    	}
],
	"status": {
		"code": "OKAY",
		"messages": [ ],
		"errors": [ ],
	}
}

The decision and authorized values identify whether the policies authorize the request, and the "statements" array contains statements to be applied by the Policy Enforcement Point.

Batch response

Batch decision responses consist of an array, named "responses", of JSON objects, each of which is a standard JSON PDP API single decision response. The decision responses are guaranteed to be returned in the same order as the received responses. For example, the first response in the batch responses corresponds to a decision on the first request in the batch requests.

The following example shows the correct JSON batch decision response format:

{
    "responses": [
	  {
	      "id": "12345678-90ab-cdef-1234-567890abcdef",
	      "deploymentPackageId": "12345678-90ab-cdef-1234-567890abcdef",
	      "timestamp": "2021-06-11T04:18:32.820482Z",
	      "elapsedTime": 830492,
	      "decision": "PERMIT",
	      "authorized": true,
	      "statements": [
		  {
        	      "id": "12345678-90ab-cdef-1234-567890abcdef",
        	      "name": "Advice Name",
        	      "code": "advice-code",
        	      "payload": "{\"data\": \"some data\"}",
        	      "obligatory": true,
        	      "fulfilled": false,
        	      "attributes": {}
    	          }
              ],
	      "status": {
		      "code": "OKAY",
		      "messages": [ ],
		       "errors": [ ],
	          }
         },
         {
	      "id": "fedcba09-8765-4321-fedcba098765",
	      "deploymentPackageId": "fedcba09-8765-4321-fedcba098765",
	      "timestamp": "2021-06-11T04:18:33.650974Z",
	      "elapsedTime": 492048,
	      "decision": "PERMIT",
	      "authorized": true,
	      "statements": [
		   {
        	      "id": "fedcba09-8765-4321-fedcba098765",
        	      "name": "Different Advice",
        	      "code": "advice-code",
        	      "payload": "{\"data\": \"other data\"}",
        	      "obligatory": false,
        	      "fulfilled": false,
        	      "attributes": { }
    	            }
        ],
	"status": {
		"code": "OKAY",
		"messages": [ ],
		"errors": [ ],
	  }
      }
    ]
}

Query response

The following example shows the correct query response format:

{
  "requestId": "8245be35-ec9e-40f1-a79a-80890041f4b0",
  "timeStamp": "2023-11-14T03:21:47.734842Z",
  "elapsedTime": 22,
  "results": [
    {
      "attribute": "action",
      "value": "delete",
      "decision": "PERMIT"
    }
  ]
}

The "results" array contains a list of query attribute values that either produced a PERMIT decision result or a DENY decision result with statements.