---
title: Editing an API service
description: You can edit API service settings, operations, and rules. You can also configure scopes in basic rules.
component: pingone
page_id: pingone:authorization_using_pingone_authorize:p1az_edit_api_service
canonical_url: https://docs.pingidentity.com/pingone/authorization_using_pingone_authorize/p1az_edit_api_service.html
revdate: January 10, 2025
section_ids:
  steps: Steps
---

# Editing an API service

You can edit API service settings, operations, and rules. You can also configure scopes in basic rules.

## Steps

1. Go to **Authorization > API Services**, click the **More Options (⋮)** icon next to the API service that you want to edit, and select **Edit**.

2. Update any of the following settings:

   1. (Optional) Change the API service **Name** or **Base URLs**.

   2. (Optional) To change the **PingOne Resource** associated with the API service, select a resource from the list, or select the option to **Automatically create a PingOne Resource**.

      This resource is managed by the API service and there are restrictions against deleting the resource while it's associated with an API service. Resources created automatically will have the same name as the API service. Learn more about resources in [API services](p1az_api_services.html).

   3. Click **Save**.

3. To edit the API service's authorized scopes:

   Scopes determine the resources that a client can access.

   |   |                                                                                                                                                                                 |
   | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
   |   | If user directory services and access token validation are managed externally, use your external identity provider (IdP), such as PingFederate, to configure authorized scopes. |

   1. On the **Overview** tab, under **PingOne Resource**, click the resource name.

   2. In **Applications > Resources**, click the **Scopes** tab.

   3. (Optional) Change a scope **Name** or **Description**.

   4. (Optional) To add a scope, click **+ Add Scope**, enter a **Name** and **Description** for the scope, and then click **Save**.

   5. (Optional) To edit a scope, click the **Pencil** icon next to the scope, change the **Name** or **Description**, and then click **Save**.

   6. (Optional) To remove a scope, click the **Delete** icon next to the scope, select the checkbox to confirm the deletion, and then click **Delete**.

4. To add an operation, click the **Operations** tab, and then click **Define Operation**. Complete settings to [define the operation](p1az_add_api_service_operations.html).

5. To edit an operation, click the **Operations** tab, click the **More Options (⋮)** icon next to the operation name, and then select **Edit Operation**:

   1. (Optional) Change **Methods**, **Paths**, or the operation **Name**.

   2. (Optional) In **Access Rules**, change the **Groups** that are granted access to the operation.

      ![Screen capture showing the groups basic access rule with the Meme Game Admins group selected.](_images/p1az-aam-operation-groups-rule.png)

   3. (Optional) Change the scopes that must be authorized.

      ![Screen capture showing the scopes basic access rule with the meme-game scope selected.](_images/p1az-aam-operation-scopes-rule.png)

   4. (Optional) Change the permissions that the user must have.

      ![Screen capture showing the permission basic access rule with the Memes:Read permission selected.](_images/p1az-aam-operation-permission-rule.png)

   5. (Optional) Change the required authentication policy.

      ![Screen capture showing the authentication policy basic access rule with the Multi\_Factor policy selected.](_images/p1az-aam-operation-authn-policy-rule.png)

      |   |                                                                                                                                        |
      | - | -------------------------------------------------------------------------------------------------------------------------------------- |
      |   | If an authentication flow or sign-on policy is renamed or deleted, you must update this rule accordingly and redeploy the API service. |

   6. (Optional) Change the maximum amount of time to allow since the last authentication event.

      ![Screen capture showing the time since last authentication basic access rule with 3600 seconds entered.](_images/p1az-aam-api-services-operation-authn-time-list.png)

   7. Click **Save**.

6. To edit custom policies for the API service:

   1. Go to **Authorization > Policies** and select the policy in the **API Access Management** policy tree.

      You can edit any of the policies that are nested under **Custom** policy sets.

   2. Update the policy, and then click **Save changes**.

   3. Go to **Authorization > API Services** and select the API service.

   4. Click **Deploy**.