The JSON policy decision point (PDP) API provides an HTTP REST API for attribute-based access control based on policies configured in the PingAuthorize Server Policy Decision Service.
The JSON PDP API is implemented with both an individual decision request endpoint and a batch request endpoint that consuming application servers can access using POST requests to the /governance-engine or /governance-engine/batch paths, respectively.
The HTTP requests must include the appropriate Content-Type and Accept headers, and request bodies must be valid JSON in the expected request format.
The endpoint paths and headers are listed in the following table.
JSON PDP API Endpoint path | Action | Content-Type/Accept | Request data |
---|---|---|---|
/governance-engine | POST | application/json | JSON |
/governance-engine/batch | POST | application/json | JSON |
A successful JSON PDP API request goes through the following flow:
- The client makes the JSON request, which is received by the JSON PDP API. The API forwards the request to the Policy Decision Service.
- When the Policy Decision Service returns a response, the API sends the response to the client.
The Policy Enforcement Point (PEP) must apply any obligations or advice. See the JSON PDP API Reference for more information about making API requests.
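The following sketch of the PEP side of this flow is an added example, not code from the PingAuthorize documentation: it builds the POST with the headers from the table and denies access unless the decision is a permit and every obligation was applied. The JSON field names (`domain`, `action`, `service`, `attributes`, `decision`, `statements`, `code`, `obligatory`, `payload`), the `PERMIT` value, and the helper names are assumptions to confirm against the JSON PDP API Reference.

```python
import json
import urllib.request

PDP_PATH = "/governance-engine"  # single-decision path from the table above

# Constructed sample request; its field names and values are assumptions.
SAMPLE_REQUEST = {"domain": "example", "action": "read", "service": "orders-api",
                  "attributes": {"user.id": "u-1001"}}

def build_pdp_request(base_url, decision_request):
    """Build (without sending) the POST a PEP submits to the JSON PDP API."""
    return urllib.request.Request(
        base_url.rstrip("/") + PDP_PATH,
        data=json.dumps(decision_request).encode("utf-8"),
        method="POST",
        headers={"Content-Type": "application/json", "Accept": "application/json"},
    )

def enforce(response_body, handlers):
    """Return True only for a PERMIT whose obligations were all applied.

    Assumed response fields: "decision", "statements", "code", "obligatory",
    "payload". handlers maps a statement code to a callable(payload).
    """
    try:
        response = json.loads(response_body)
    except (TypeError, ValueError):
        return False  # unparseable response: fail closed
    if not isinstance(response, dict) or response.get("decision") != "PERMIT":
        return False
    statements = response.get("statements", [])
    if not isinstance(statements, list):
        return False
    for statement in statements:
        if not isinstance(statement, dict):
            return False
        code = statement.get("code")
        handler = handlers.get(code) if isinstance(code, str) else None
        # A statement not explicitly marked as advice is treated as an obligation.
        obligatory = statement.get("obligatory", True) is not False
        try:
            if handler is None:
                raise LookupError("no handler for statement")
            handler(statement.get("payload"))
        except Exception:
            if obligatory:
                return False  # an obligation could not be applied: deny
    return True
```

Advice that has no handler, or whose handler fails, is skipped; only an unapplied obligation turns a permit into a denial.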