---
title: Accessing the PingCentral API with SSO enabled
description: Access PingCentral's API with single sign-on (SSO) enabled using the OpenID Connect (OIDC) protocol.
component: pingcentral
version: 2.2
page_id: pingcentral:pingcentral_for_iam_administrators:pingcentral_access_pc_api
canonical_url: https://docs.pingidentity.com/pingcentral/2.2/pingcentral_for_iam_administrators/pingcentral_access_pc_api.html
revdate: August 15, 2023
section_ids:
  before-you-begin: Before you begin
  about-this-task: About this task
  steps: Steps
  example: Example:
---

# Accessing the PingCentral API with SSO enabled

Access PingCentral's API with single sign-on (SSO) *(tooltip: \<div class="paragraph">
\<p>The process of authenticating an identity (signing on) at one website (usually with a user ID and password) and then accessing resources secured by other domains without reauthenticating.\</p>
\</div>)* enabled using the OpenID Connect (OIDC) *(tooltip: \<div class="paragraph">
\<p>An authentication protocol built on top of OAuth that authenticates users and enables clients (relying parties) of all types to request and receive information about authenticated sessions and users. OIDC is extensible, allowing clients to use optional features such as encryption of identity data, discovery of OpenID Providers (OAuth authorization servers), and session management.\</p>
\</div>)* protocol.

## Before you begin

Ensure you have an authorization server configured to authenticate users and issue access tokens. For more information, see [Configuring the OpenID provider](pingcentral_conf_openid_provider.html).

## About this task

To access the PingCentral API with SSO enabled:

## Steps

1. Obtain an access token from the authorization server's response. This token will authorize your API requests.

   |   |                                                                                                                            |
   | - | -------------------------------------------------------------------------------------------------------------------------- |
   |   | The access token is a long string of characters and acts as your proof of authorization to access the requested resources. |

2. Include the access token in the API request's authorization header. The PingCentral API server will verify the token's validity, authenticity, and scopes to ensure the necessary permissions.

   ### Example:

   ```
   GET /api/resource HTTP/1.1
   Host: pingcentral.example.com
   Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJhdWQiOiJhcGkiLCJpc3MiOiJpc3N1ZXIifQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
   ```