Visualizing a policy decision response - PingAuthorize - 9.1

PingAuthorize

bundle
pingauthorize-91
ft:publication_title
PingAuthorize
Product_Version_ce
PingAuthorize 9.1
category
ContentType
Product
Productdocumentation
paz-91
pingauthorize
ContentType_ce
Product documentation

Visualize a decision by selecting a recent decision or by copying and pasting a decision from a log.

  1. Sign on to the PingAuthorize Policy Editor.
  2. Choose a method for visualizing a decision.
    • Select a recent decision
      1. In the Policy Editor, go to Policies.
      2. Click the Decision Visualiser tab.
      3. Click Recent Decisions and select a decision.
      4. Click Visualise.
      Note:

      You can control the number of recent decisions that appear in the list as explained in Setting the request list length for Decision Visualizer.

    • Copy and paste a decision from a log
      Note:

      Before attempting to troubleshoot or trace a policy-decision response, ensure that the Policy Decision logger is enabled. For more information, see Configuring PingAuthorize logging.

      Each policy-decision response is presented in JSON format. To view the details of a policy-decision response:

      1. From within the policy-decision file, copy the policy-decision response JSON.
      2. In the Policy Editor, go to Policies.
      3. Click the Decision Visualiser tab.
      4. Click Paste Logs.
      5. In the field beneath Paste Logs, paste the policy-decision response JSON.
      6. Click Visualise.
An interactive decision tree of your policies is displayed.
Decision Tree

This image depicts the final decision sent to the client. The node to the far left, Global Decision Point, represents the root node, and the child nodes contain the subset of policies and rules.

The following color-coded icons convey important information:

  • A green check mark indicates that the request permit on the policy or rule.
  • A red X indicates that the request deny on the policy or rule.
  • A gray N/A indicates that the request is not applicable to the policy or rule.

In the previous example, the client received a final decision of deny. The Token Validation policy permitted the request initially but was overridden after the Random Jokes API policy was applied.