Manage ESVs using the API

For background on ESVs in PingOne Advanced Identity Cloud, learn more in ESVs.

ESV API endpoints

Advanced Identity Cloud provides these API endpoints for ESVs:

Variables API endpoint
Secrets API endpoint
Restart API endpoint

To authenticate to the API, learn more in Authenticate to ESV API endpoints.

If you plan to delete an ESV using the variables or secrets API endpoints, you may first need to remove references to it from your environment. Learn more in Preconditions to delete an ESV.

Authenticate to ESV API endpoints

To authenticate to ESV API endpoints, use an access token.

In addition to the default fr:idm:* OAuth scope, there are several additional OAuth scopes that can be used with the ESV API endpoints when you create an access token:

Scope Description

Scope	Description
`fr:idc:esv:*`	Read, create, update, delete, and restart access to ESV API endpoints.
`fr:idc:esv:read`	Read access to ESV API endpoints.
`fr:idc:esv:update`	Create, update, and delete access to ESV API endpoints.
`fr:idc:esv:restart`	Restart access to ESV API endpoints.

fr:idc:esv:*

Read, create, update, delete, and restart access to ESV API endpoints.

fr:idc:esv:read

Read access to ESV API endpoints.

fr:idc:esv:update

Create, update, and delete access to ESV API endpoints.

fr:idc:esv:restart

Restart access to ESV API endpoints.