The sideband API consists of the following components.

Sideband API Shared Secrets
Defines the authentication credentials that the sideband API might require an API gateway adapter to present. For more information, see Authenticating to the Sideband API.
Sideband API HTTP Servlet Extension
Represents the sideband API itself. If you require shared secrets, you might need to configure this component. For more information, see Authenticating to the Sideband API.
Sideband API Endpoints
Represents a public path prefix that the sideband API accepts for handling proxied requests. A sideband API endpoint configuration defines the following items:
  • The base path (base-path) for requests that the sideband API accepts
  • Properties that relate to policy processing, such as service, which targets the policy requests that are generated for the sideband API endpoint to specific policies

PingAuthorize Server's default configuration includes a default sideband API endpoint that accepts all API requests and generates policy requests for the service Default. To customize policy requests further, an administrator can create additional sideband API endpoints. For more information about using the sideband API endpoint configuration to customize policy requests, see Sideband API policy requests.


Changes to these components do not typically require a server restart to take effect. For more information, see the Configuration Reference, located in the server's docs/config-guide directory.


The following example commands create a pair of sideband API endpoints that target specific requests to a consent service.

PingAuthorize/bin/dsconfig create-sideband-api-endpoint \
  --endpoint-name "Consent Definitions" \
  --set base-path:/c/definitions \
  --set service:Consent

PingAuthorize/bin/dsconfig create-sideband-api-endpoint \
  --endpoint-name "Consent Records" \
  --set base-path:/c/consents \
  --set service:Consent