PingOne

Defining an API operation that uses fine-grained policies

Learn how to add an operation that will use fine-grained custom policies in PingOne Authorize for access control.

About this task

Custom authorization policies in PingOne Authorize enable you to add more advanced API access rules that might require several iterations of configuration and testing before deployment. Custom policy authoring supports fine-grained logic and an iterative workflow.

When you added the Meme Game API service in Tutorial 1: Adding a managed API service for the Meme Game in PingOne, you enabled custom policies for the API service. In this task, you’ll create an API operation for the Meme Game API service that matches the API request used to start a new game. You’ll create the custom policy in a later task.

Steps

  1. In PingOne, go to Authorization > API Services.

  2. Click the Meme Game API service, and then click the Operations tab.

  3. Click Define Operation to create a new operation.

    First, define the operation by configuring a method and path combination that matches a client request to the API.

  4. Click Methods, and then select the POST method. Press tab or click outside the list of methods to close it.

    Screen capture showing the expanded Methods list in the Define Operation window.
  5. For Paths, enter the following:

    /api/v1/games

    This is the API path for starting a new game. The path must start with a slash (/).

  6. For Name, enter Start a new game.

    Screen capture of the Create Operation window showing Method, Path, and Name settings.
  7. Click Next, and then click Save.

Result

You’ve defined an API operation that matches the API request used to start a new game.

Next steps

Next, you’ll add attributes in the Trust Framework for your policy logic.