The XACML-JSON policy decision point (PDP) API provides a standards-based HTTP API
for requesting decisions, which are determined by the policies configured in the PingAuthorize Server Policy Decision Service.
The XACML-JSON PDP API is implemented as a single endpoint, which consuming application
servers can access using POST requests to the /pdp path. The HTTP
requests must include the appropriate Content-Type and
Accept headers, and request bodies must adhere to the XACML-JSON
standard. For more information, see Requests.
XACML-JSON PDP API

| Endpoint path | Action | Content-Type/Accept | Request data |
|---------------|--------|---------------------|--------------|
| /pdp | POST | application/xacml+json | XACML-JSON |
The XACML-JSON PDP API supports the MultiRequests JSON object, which allows a client to make
multiple decision requests in a single HTTP request.
Note:
Because this object also supports single decision requests, it is the only supported
XACML-JSON request format. See the XACML-JSON PDP API Reference for more
information about making API requests.
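The following added example (not taken from the PingAuthorize documentation) builds, without sending, a single POST to /pdp that wraps one or more decisions in a MultiRequests object with the required headers. The body layout follows the OASIS JSON Profile of XACML; the host name, attribute names, reference IDs and helper name are hypothetical, and client authentication is omitted because this page does not describe it.

```python
import json
import urllib.request

XACML_JSON = "application/xacml+json"  # required for both Content-Type and Accept


def build_pdp_request(base_url, decisions):
    """Build (not send) one POST to /pdp carrying every decision in `decisions`.

    Each decision is a dict with 'subject', 'action' and 'resource' attribute
    maps. Even a single decision is wrapped in MultiRequests, since that is
    the only supported request format.
    """
    categories = {"AccessSubject": [], "Action": [], "Resource": []}
    references = []
    for n, decision in enumerate(decisions):
        ref_ids = []
        for key, category in (("subject", "AccessSubject"),
                              ("action", "Action"),
                              ("resource", "Resource")):
            ref_id = f"{key}-{n}"  # hypothetical ID scheme, unique per request
            attrs = [{"AttributeId": k, "Value": v}
                     for k, v in decision[key].items()]
            categories[category].append({"Id": ref_id, "Attribute": attrs})
            ref_ids.append(ref_id)
        # One RequestReference entry corresponds to one decision.
        references.append({"ReferenceId": ref_ids})
    body = {"Request": {"MultiRequests": {"RequestReference": references},
                        **categories}}
    return urllib.request.Request(
        url=base_url.rstrip("/") + "/pdp",
        data=json.dumps(body).encode("utf-8"),
        method="POST",
        headers={"Content-Type": XACML_JSON, "Accept": XACML_JSON},
    )


# Constructed sample input: attribute names and host are hypothetical.
SAMPLE_DECISIONS = [
    {"subject": {"user": "alice"}, "action": {"name": "read"},
     "resource": {"path": "/accounts/1"}},
    {"subject": {"user": "alice"}, "action": {"name": "delete"},
     "resource": {"path": "/accounts/1"}},
]

if __name__ == "__main__":
    req = build_pdp_request("https://pingauthorize.example.com", SAMPLE_DECISIONS)
    print(req.get_method(), req.full_url)
    print(json.dumps(json.loads(req.data), indent=2))
```
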
A successful XACML-JSON PDP API request goes through the following two-phase flow:

1. The client makes the XACML-JSON request, which is received by the XACML-JSON PDP
   API. The API converts the request to a PingAuthorize Server batch decision request and
   attempts to authorize the client.
2. If authorization succeeds, the request is handed off to the Policy Decision Service to
   process decisions in batch for the XACML-JSON PDP API. The API then converts the
   batch decision responses to a XACML-JSON response and writes the response to the
   client.

The following sections describe these stages in more detail.