Decision endpoints

Decision endpoints in PingOne Authorize provide development, testing, and production environments for the stages involved in policy deployment.

PingOne Authorize provides three default endpoints for deployment stages: Dev, Test, and Prod. You can add up to 30 endpoints in each environment and update or delete endpoints to suit your organization’s needs.

You can configure an endpoint to use either the latest policy version or a specific named policy version published to the endpoint. When you use the latest policy version, policy updates are published to the endpoint automatically, but system responses are slower because a policy package must compile whenever a request is made to the endpoint. Because of this, Use latest is intended for policy development and debugging only.

By default, the Dev stage endpoint is configured to use the latest policy version, and the Test and Prod stage endpoints are configured to use the bootstrap version. You can change these settings for any endpoint.

You can configure decision endpoints to keep track of the 20 most recent decisions made during the last 24 hours. It’s helpful to enable this setting during policy development as a debugging tool so you can visualize and examine recent decisions. This can cause a slower system response, so the setting is disabled by default.

Event subscriptions, or webhooks, enable you to use third-party tools to monitor audit events for decision endpoints.

The PingOne API provides operations to create, read, update, and delete decision endpoint resources. It also provides an evaluation action to execute a decision request against a resource. Learn more about the PingOne Authorize Policy Decision Service in the API Reference documentation.