The XACML-JSON PDP API is implemented as a single endpoint, which consuming application servers can access using POST requests to the /pdp path. The HTTP requests must include the appropriate Content-Type and Accept headers, and request bodies must adhere to the XACML-JSON standard. For more information, see Requests.

XACML-JSON PDP API Endpoint path Action Content-Type/Accept Request data
/pdp POST application/xacml+json XACML-JSON

The XACML-JSON PDP API supports the MultiRequests JSON object, which allows a client to make multiple decision requests in a single HTTP request.

Note:

Because this object also supports single decision requests, it is the only supported XACML-JSON request format. See the XACML-JSON PDP API Reference for more information about making API requests.

A successful XACML-JSON PDP API request goes through the following two-phase flow:

  1. The client makes the XACML-JSON request, which is received by the XACML-JSON PDP API. The API converts the request to a PingAuthorize Server batch decision request and attempts to authorize the client.
  2. On authorize success, the request is handed off to the Policy Decision Service to process decisions in batch for the XACML-JSON PDP API. The API then converts the batch decision responses to a XACML-JSON response and writes the response to the client.
Produced by OmniGraffle 7.21.2\n2023-01-18 22:13:18 +0000 Canvas 1 Layer 1 Canvas_1 Canvas_1_Layer_1 Group_2 Group_67 Group_108 Graphic_109 Group_96 Line_97 Group_88 Graphic_91 Graphic_90 Graphic_89 Text Policy Decision Service Group_86 Line_87 Group_82 Graphic_85 Graphic_84 Graphic_83 Text XACML-JSON PDP API Group_78 Graphic_81 Graphic_80 Graphic_79 Text XACML-JSON PDP API Group_76 Line_77 Group_72 Graphic_75 Graphic_74 Graphic_73 Text Client Group_68 Graphic_71 Graphic_70 Graphic_69 Text Client Group_38 Group_63 Graphic_66 Graphic_65 Graphic_64 Text Client receives XACML-JSON response Group_43 Graphic_46 Graphic_45 Graphic_44 Text Client makes XACML-JSON request Group_3 Group_36 Line_37 Group_34 Graphic_35 Text XACML-JSON request Group_28 Line_29 Group_26 Graphic_27 Text response Group_24 Line_25 Group_22 Graphic_23 Text batch decision request Group_20 Line_21 Group_15 Graphic_16 Text convert XACML-JSON to batch decision request Group_13 Graphic_14 Group_4 Graphic_5 Group_47 Graphic_50 Graphic_49 Graphic_48 Text API converts XACML-JSON request to batch decision request Group_47 Graphic_50 Graphic_49 Graphic_48 Text API forwards batch decision request to Policy Decision Service Group_47 Graphic_50 Graphic_49 Graphic_48 Text Policy Decision Service handles batch decision request Group_4 Graphic_5 Group_6 Graphic_7 Text apply policy statements to API response Group_63 Graphic_66 Graphic_65 Graphic_64 Text Client applies statements Group_15 Graphic_16 Text convert batch decision responses to XACML-JSON Group_47 Graphic_50 Graphic_49 Graphic_48 Text API converts batch decision response Group_17 Graphic_18 Text decision responses with statements Group_88 Graphic_91 Graphic_90 Graphic_89 Text Policy Decision Service Group_47 Graphic_50 Graphic_49 Graphic_48 Text API validates client through policy

The following sections describe these stages in more detail.