--- title: Validating FAPI with PingGateway description: Validate your FAPI deployment with PingGateway using the OpenID Foundation conformance test suite and two registered API clients component: pinggateway version: 2026 page_id: pinggateway:fapi:test canonical_url: https://docs.pingidentity.com/pinggateway/2026/fapi/test.html revdate: 2025-09-23T11:50:59Z section_ids: before_you_begin: Before you begin review_the_test_documentation: Review the test documentation prepare_the_test_plan: Prepare the test plan run_the_tests: Run the tests --- # Validating FAPI with PingGateway Validate your FAPI deployment using the two API clients you registered and the FAPI conformance test suite. | | | | - | ----------------------------------------------------------------------------------------------------------------------------------- | | | The FAPI conformance tests use DNS to access PingGateway URLs.Make sure the PingGateway deployment is accessible over the internet. | ## Before you begin Before you begin, make sure you have: * [icon: square-o, set=fa][Configured CORS settings in the PingOne Advanced Identity Cloud tenant](cors.html) * [icon: square-o, set=fa][Configured access management settings in the PingOne Advanced Identity Cloud tenant](aic-am.html) * [icon: square-o, set=fa][Configured identity management settings in the PingOne Advanced Identity Cloud tenant](aic-idm.html) * [icon: square-o, set=fa][Configured PingGateway for FAPI](gateway.html) * [icon: square-o, set=fa][Completed DCR for two API clients using the test trusted directory](trusted-directory.html) * [icon: square-o, set=fa]Saved the DCR responses for both API clients * [icon: square-o, set=fa]Saved the PEM-format certificates and private keys for both API clients * [icon: square-o, set=fa]Saved the PEM-format CA certificate for the test trusted directory ## Review the test documentation The OpenID foundation provides conformance tests accessible online through a Google or GitLab account. Read the [instructions for the conformance tests](https://openid.net/certification/certification-fapi_op_testing/). This tutorial focuses on [FAPI 1.0 Part 2 Advanced Final](https://openid.net/specs/openid-financial-api-part-2-1_0-final.html#rfc.section) tests. ## Prepare the test plan 1. Go to [the OpenID certification site](https://www.certification.openid.net/). 2. Sign on with your Google or GitLab account. 3. Create a test plan. 1. Add the high-level settings: | Setting | Use | | -------------------------- | ------------------------------------------------- | | Test Plan | `FAPI1-Advanced-Final: Authorization server test` | | Client Authentication Type | `private_key_jwt` | | Request Object Method | `by_value` | | FAPI Profile | `plain_fapi` | | FAPI Response Mode | `plain_response` | 2. Configure the specific settings for your deployment using the hints provided in the test plan page. Use the following additional hints to complete the configuration: | Setting | Use | | --------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | alias | The alias you chose to customize the client `software_redirect_uris`. | | discoveryUrl | The OpenID Provider well-known endpoint accessed through PingGateway, `https:///am/oauth2/realms/root/realms/alpha/.well-known/openid-configuration`. | | Client settings | The fields in the DCR responses and the PEM-format certificates and private keys you saved. | | resourceUrl | The OpenID Provider well-known endpoint accessed through PingGateway, `https:///rs/fapi/api`. | 4. Click Create Test Plan to access the tests. ## Run the tests Run each test in the plan and correct any issues that arise. You have successfully demonstrated FAPI compliance using PingGateway.