Requirements for Authorize gateways

Before you deploy Authorize gateway instances in your organization’s infrastructure, ensure that your systems meet the following requirements.

PingOne privileges

The administrator setting up Authorize gateways must have the Environment Admin role in PingOne. This grants the Read Authorize Gateway Deployment permission required for working with Authorize gateways.

To confirm your roles, in the PingOne Administrators environment, go to Directory > Users, click the administrator identity, and confirm the roles on the Roles tab.

Authorize gateways have the Authorize Gateway Policy Evaluator role by default. This role grants the minimum permissions required for Authorize gateways to interact with PingOne. If an Authorize gateway requires additional permissions, grant additional roles to the gateway. Learn more in Managing Authorize gateway roles.

PingOne environment

Make sure the PingOne environment that you’re using for self-managed deployments includes the PingOne SSO and PingOne Authorize services.

Learn more about setting up environments in Creating an environment.

Docker

To run a containerized Authorize gateway instance, you must have Docker installed on the machine that will run the gateway instance.

System requirements

The Docker environment that will run the Authorize gateway instance must have the following resources dedicated to the gateway instance:

Resource	Requirement
Processor	2 CPUs or virtual CPUs
RAM	1 GB
Storage	1 GB

Resource

Requirement

Processor

2 CPUs or virtual CPUs

RAM

1 GB

Storage

1 GB

Gateway access

The Authorize gateway instance requires the ability to initiate outbound requests over the internet to establish a WebSocket Secure connection and HTTPS connections to PingOne.

The WebSocket Secure address varies depending on your region. Ensure that the gateway instance can access the WebSocket Secure address for your region:

Region

Address

API Endpoints

Australia

wss://gateways.pingone.com.au/

wss://gateways-ap-southeast-2.pingone.com.au/

auth.pingone.com.au

api.pingone.com.au

Canada

wss://gateways.pingone.ca/

wss://gateways-ca-central-1a.pingone.ca/

wss://gateways-ca-central-1b.pingone.ca/

auth.pingone.ca

api.pingone.ca

Europe

wss://gateways.pingone.eu/

wss://gateways-eu-central-1.pingone.eu/

wss://gateways-eu-west-1.pingone.eu/

auth.pingone.eu

api.pingone.eu

North America (US)

wss://gateways.pingone.com/

wss://gateways-us-east-2.pingone.com/

wss://gateways-us-west-2.pingone.com/

auth.pingone.com

api.pingone.com

Singapore

wss://gateways.pingone.sg/

wss://gateways-ap-southeast-1y.pingone.sg/

wss://gateways-ap-southeast-1z.pingone.sg/

auth.pingone.sg

api.pingone.sg

Asia Pacific (legacy)

Available only for existing .asia customers.

wss://gateways.pingone.asia/

wss://gateways-ap-southeast-2.pingone.asia/

auth.pingone.asia

api.pingone.asia