PingOne Authorize node
The PingOne Authorize node sends a decision request to a specified decision endpoint in your PingOne Authorize environment. These authorizations include:
Advanced Identity Cloud provides the PingOne Service to enable the PingOne Authorize node:
Compatibility
Product | Compatible? |
---|---|
Advanced Identity Cloud |
Yes |
PingAM (self-managed) |
Yes |
Ping Identity Platform (self-managed) |
Yes |
Inputs
This node retrieves the attribute map from the shared state.
Additionally, the node first attempts to locate in shared state the
PingOne Authorize Policy Attribute(s)
defined in the policy that corresponds
to the active decision endpoint.
Configuration
Property | Usage |
---|---|
PingOne Worker Service |
Service for specific PingOne Worker application. |
Decision Endpoint ID |
The Decision Endpoint ID from the PingOne Authorize service. |
Attribute Map |
The attribute map is to overcome the name differences between shared state
attributes in Advanced Identity Cloud and the request parameters in PingOne.
For example, if the shared store |
Statement Codes |
Set the node outcomes based on the statements from the PingOne Authorize decision. |
Continue |
Use the |
Outcomes
Permit
-
Satisfied the active policy’s permit condition and authorized the user.
Deny
-
Satisfied the active policy’s deny condition and did not authorize the user.
Indeterminate
-
Does not satisfy the active policy’s permit or deny conditions.
Error
-
There was an error during the authorization process.