Response mode values
The response mode determines how PingOne returns result parameters.
Specify the response mode using the response_mode
request parameter. If response_mode
is not present in a request, the default response mode is used.
PingOne supports a proprietary redirectless OAuth mode: pi.flow. This allows applications to request OAuth/OIDC tokens from PingOne and host the authentication UI in the applications without redirecting the user’s browser to PingOne.
PingOne can respond back to the application’s authorization request in one of four modes: query
, fragment
, form_post
, and pi.flow
.
- query
-
Authorization Response parameters are encoded in the query string added to the
redirect_uri
when redirecting back to the application. - fragment
-
Authorization Response parameters are encoded in the fragment added to the
redirect_uri
when redirecting back to the application. - form_post
-
Authorization Response parameters are encoded as HTML form values that are auto-submitted in the browser, and are transmitted through HTTP POST to the application, with the result parameters being encoded in the body using the
application/x-www-form-urlencoded
format. - pi.flow
-
Specifies a redirectless flow with a flow object in the response. This allows applications to request OAuth/OIDC tokens from PingOne and host the authentication UI in the applications without redirecting the user’s browser to PingOne. When authentication is complete, the app receives the auth code, access token, or ID token in a JSON response instead of a redirect.