PingOne Advanced Identity Cloud

Request authorization from PingOne Advanced Identity Cloud

When you have configured PingOne Advanced Identity Cloud to determine whether to grant or deny access based on your configured policies, you must configure policy enforcement points (PEPs) to use PingOne Advanced Identity Cloud.

The Ping Identity Platform provides the following PEPs:

Web agents and Java agents

Add-on components installed on the web server or container that serves your applications. The web and Java agents are tightly integrated with PingOne Advanced Identity Cloud and serve exclusively as PEPs.

For more information, refer to Policy enforcement in the ForgeRock web agents documentation, or to Policy enforcement in the ForgeRock Java agents documentation.

PingGateway

A high-performance reverse proxy server that can also function as a PEP.

For more information, refer to Policy enforcement in the PingGateway documentation.

The Ping Identity Platform PEPs intercept inbound client requests to access resources in your website or application. Based on internal rules, the PEPs can defer requests to PingOne Advanced Identity Cloud for policy evaluation. Because they are tightly integrated with PingOne Advanced Identity Cloud, you do not need additional code to request policy evaluation or to manage advices.

ForgeRock recommends you use the Ping Identity Platform PEPs; however, you can code your own and make REST calls to PingOne Advanced Identity Cloud to request policy evaluation.

Related information: Request policy decisions over REST