PingOne Advanced Services

Creating and updating virtual hosts

You and your administrators can create and update virtual host certificates and TLS configurations yourselves. Configurations are automatically replicated to child regions in PingOne Advanced Services for the following applications:

  • PingFederate

  • PingFederate Admin API

  • PingAccess

  • PingAccess Admin API

  • PingAccess Agents

  • PingDirectory

  • Delegated Admin

Supported functions include:

  • Create/List/Update/Delete configurations

    The GET /certificates route does not return the certificate’s fullchain and private key. It is up to the user to keep track of that information.

    Also note that after you create or update a configuration, it will take some time for the virtual host to become available.

  • Rollback configurations

    Configurations can only be rolled back once. Then the configuration needs to be updated again at least once before rollback will succeed again.

    Rollback routes also support an optional dry_run query parameter. Setting it to true in a request gets the expected version after rollback, but does not do the rollback.

Limitations include:

  • You cannot currently create or update the following configurations yourself. Submit a service request instead.

    • MTLS configurations

    • Configurations that need custom annotations, such as “cors-all-origin”

    • Private Ingress configurations

  • You cannot currently create or update PingFederate Admin UI or the PingAccess Admin UI in PingOne Advanced Services.

About this task

The API requires a JWT Bearer token for authenticating the requests. This token can be retrieved using user credentials or client credentials.

The API also includes interactive documentation for both developers and non-developers to explore the API endpoints, view documentation for the API, and experiment with API calls. You can make API calls from an interactive user interface, custom applications, or from command line tools such as cURL.

The Swagger UI component that displays the Self-Service admin API documentation uses OpenAPI specification (OAS) 3.1. Access to these specifications simplifies the process of integrating the Self-Service API with modern API clients, such as Postman.

Learn more in Accessing the API interactive documentation.