Using the tutorials

Use the tutorials to familiarize yourself with the capabilities of PingAuthorize dynamic authorization management by walking through the provided configuration exercises.

Before you begin

To complete these tutorials, you must:

Complete the instructions at https://devops.pingidentity.com/get-started/introduction/.
Have access to Git.
Increase your Docker memory limit to at least 4 GB.

To change this setting, go to Docker Dashboard → Settings → Resources → Advanced.

The tutorials provide sample requests that use curl. However, you can use any program that can send HTTP request, such as wget or Postman.

Setting up your environment

About this task

To help you get started quickly with PingAuthorize, we provide Docker containers that have everything you need. Deploy these containers using Docker commands and then start using PingAuthorize.

Steps

Clone the GitHub repository that contains the supporting source files.

Replace the variable <X.X> with the first two digits of the PingAuthorize release you want to clone.
```
git clone --branch  <X.X>  https://github.com/pingidentity/pingauthorize-tutorials && cd pingauthorize-tutorials
```
This command places the files in the pingauthorize-tutorials directory and changes to that directory. The directory contains a docker-compose.yml file that defines the containers used in the tutorial.

You shouldn’t need to modify this file or understand its contents to follow the tutorial steps. However, you might need to change some configuration values that the Docker Compose environment uses. The env-template.txt file contains various configuration values, including the default port definitions used by the Docker Compose containers.
Copy the template to a new .env file at the root of the cloned repository and edit its contents using any text editor.
```
cp env-template.txt .env
vi .env
```
You might not need to modify any values if all the default ports are available.

You must still have an .env file in place for the environment to start.

Starting PingAuthorize

About this task

To start the Docker Compose environment:

Steps

Go to the pingauthorize-tutorials directory you cloned in Setting up your environment.
Run the following command.
```
docker-compose up --detach
```

Verifying proper startup

About this task

The command shows the status of the containers started by the docker-compose command. Each of the four containers should initially have a status of starting. All four containers should reach an equilibrium state of healthy.

Steps

To verify that both PingAuthorize Server and Policy Editor started properly and are running, run the following command.
```
docker container ls --format '{{ .Names }}: {{ .Status }}'
```
It could take up to 15 minutes for all four containers to reach this equilibrium state.
If you have any issues, check the log files using the docker-compose logs command.

Accessing the GUIs

About this task

PingAuthorize has two GUIs:

Administrative console
Policy Editor

If you have problems connecting because of self-signed certificates, click Advanced or try a different browser.

Steps

Access either the administrative console or the Policy Editor.

Choose from:

To make configuration changes to PingAuthorize Server, access the administrative console.

Description Details

URL

https://localhost:5443/console/login

Details to enter at sign-on

Server: pingauthorize:1636
Username: administrator
Password: 2FederateM0re

If submitting the form results in a Server unavailable error, wait longer for the containers to reach an equilibrium healthy state, as described in Verifying proper startup.

To make and test policy changes, access the Policy Editor.

This GUI calculates decision responses when you configure PingAuthorize to use the GUI as an external policy decision point.

Description	Details
URL	https://localhost:8443
Details to enter at sign-on	User ID: admin Password: password123

Description

Details

URL

https://localhost:8443

Details to enter at sign-on

User ID: admin
Password: password123

Stopping PingAuthorize

About this task

If you have completed the tutorials and no longer need the containers, run the following commands to stop and remove the containers.

To simplify the prerequisites for using Docker with this tutorial, all of the changes you make are lost when you destroy your Docker Compose environment. For standard installations, use persistent volumes to maintain data across container deployments.

Steps

Go to the pingauthorize-tutorials directory you cloned in Setting up your environment.
Run the following command.
```
docker-compose down
```

About the tutorial configuration

We provide the following pre-configured Docker containers through the Docker Compose environment, so that you can develop policies immediately.

Container

Description

pingauthorize

PingAuthorize Server: The server enforces the policies you define.

pingauthorizepap

PingAuthorize Policy Editor: Use this GUI to define the policies that determine access control and protect your data.

pingdirectory

PingDirectory: A directory of user information.

PingAuthorize doesn’t require PingDirectory.

However, some of the tutorials do use PingDirectory as an attribute provider. You can reference the attributes in your policies.

pingdataconsole

administrative console: Use this GUI to configure PingAuthorize.