The policy decision point (PDP) API provides an HTTP API for decisions determined based on the policies configured within the PingDataGovernance Server Policy Decision Service.
The PDP API is implemented as a single endpoint, which consuming application servers can
access using POST requests to the /pdp path. The HTTP requests must
include the appropriate
headers, and request bodies must adhere to the XACML-JSON standard. For more
information, see Requests.
|PDP API Endpoint path
A successful PDP API request goes through the following two-phase flow:
- First, the client makes the XACML-JSON request, which is received by the PDP API. The PDP API converts the request to a PingDataGovernance Server batch decision request and attempts to authorize the client.
- On authorize success, the request is handed off to the Policy Decision Service to process decisions in batch for the PDP API. The PDP API then converts the batch decision responses to a XACML-JSON response and writes the response to the client.
The following sections describe these stages in more detail.