PingAuthorize

Responses

The XACML-JSON PDP API converts batch decision responses to a XACML-JSON response.

XACML-JSON responses include decisions, such as Permit or Deny, and any obligations or advice that matched during policy processing.

The Policy Enforcement Point (PEP) must apply any obligations or advice.

The following table shows the mapping from a decision response to a XACML-JSON response.

| Parent (JSON Path) | Field (JSON Path) | PingAuthorize Trust Framework type |
| --- | --- | --- |
| $.Response[*] | $.Decision | Decision |
| $.Response[].Obligations[] | | Advice (obligatory) |
| $.Response[].Obligations[] | $.Id | Advice code |
| $.Response[].Obligations[] | $.AttributeAssignments[?(@.AttributeId == "payload")].Value | Advice payload |
| $.Response[].AssociatedAdvice[] | | Advice (non-obligatory) |
| $.Response[].AssociatedAdvice[] | $.Id | Advice code |
| $.Response[].AssociatedAdvice[] | $.AttributeAssignments[?(@.AttributeId == "payload")].Value | Advice payload |

The following example is an appropriate response based on the request in Requests.

{
  "Response": [{
    "Decision": "Permit",
    "Obligations": [{
      "Id": "obligation-id",
      "AttributeAssignments": [{
        "AttributeId": "payload",
        "Value": "payload-value"
      }]
    }],
    "AssociatedAdvice": [{
      "Id": "advice-id",
      "AttributeAssignments": [{
        "AttributeId": "payload",
        "Value": "payload-value"
      }]
    }]
  }]
}

In this example, it is up to the application server to handle the obligations and advice in the response.
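One way an application server acting as the PEP could process such a response, as an added example that is not PingAuthorize code. The `enforce` function and the handler registry are hypothetical, and two behaviors are this example's assumptions: an obligation without a working handler turns the result into a denial, while advice without a handler is skipped.

```python
import json

# Constructed sample input: the response body shown above, compacted.
SAMPLE = """{"Response": [{"Decision": "Permit",
  "Obligations": [{"Id": "obligation-id", "AttributeAssignments":
    [{"AttributeId": "payload", "Value": "payload-value"}]}],
  "AssociatedAdvice": [{"Id": "advice-id", "AttributeAssignments":
    [{"AttributeId": "payload", "Value": "payload-value"}]}]}]}"""


def _payload(item):
    """Value of the 'payload' attribute assignment, or None if absent."""
    for assignment in item.get("AttributeAssignments", []):
        if assignment.get("AttributeId") == "payload":
            return assignment.get("Value")
    return None


def enforce(body, handlers):
    """Return one (allowed, applied_ids) tuple per entry in $.Response[].

    handlers maps an advice code ($.Id) to a callable taking the payload
    (hypothetical registry owned by the application server).
    """
    results = []
    for resp in json.loads(body).get("Response", []):
        # Anything other than an explicit Permit is treated as not allowed.
        allowed = resp.get("Decision") == "Permit"
        applied = []
        # Obligatory advice: an unknown Id or a failing handler blocks access.
        for item in resp.get("Obligations", []):
            try:
                handlers[item["Id"]](_payload(item))
                applied.append(item["Id"])
            except Exception:
                allowed = False
        # Non-obligatory advice: applied when possible, never blocks access.
        for item in resp.get("AssociatedAdvice", []):
            handler = handlers.get(item.get("Id"))
            if handler is None:
                continue
            try:
                handler(_payload(item))
                applied.append(item["Id"])
            except Exception:
                pass
        results.append((allowed, applied))
    return results
```

Obligations are processed even when the decision is not Permit, since the table above allows them on any decision.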