PingFederate ships with interactive documentation for both developers and non-developers to explore the API endpoints, view documentation for the API, and experiment with API calls. In general, the API calls can be called from an interactive user interface, custom applications, or from command line tools such as cURL. The endpoint is only available at the administrative port, as defined by the pf.admin.https.port property in <pf_install>/pingfederate/bin/run.properties.

Important:

For enhanced API security, you must include X-XSRF-Header: PingFederate in all requests and use the application/json content type for PUT and POST requests.

  • To access the administrative API documentation, follow these steps:
    1. Start PingFederate.
    2. Start a web browser.
    3. Browse to the following URL:
      https://<pf_host>:9999/pf-admin-api/api-docs/

      where <pf_host> is the network address of your PingFederate server. It can be an IP address, a host name, or a fully qualified domain name. It must be reachable from your computer.

      Note:

      <pf_host> is the network address of your PingFederate server. It can be an IP address, a host name, or a fully qualified domain name. It must be reachable from your computer.

      9999 is the default value of the pf.admin.https.port property in the run.properties file.

  • To test an administrative API, follow these steps:
    1. Select a section of the administrative API you would like to explore; for example, /dataStores.
    2. Expand the method you want to use; for example, GET /dataStores.
    3. Enter required parameters, if any.
      (For more information, see Operation Models underneath the selected API endpoint.)
    4. Click Try it out.
      Note:

      You may be prompted to sign on using administrative credentials over HTTP Basic authentication. The role assigned to the respective administrative accounts affects the access to the requested API.

      If the request completes successfully, the administrative API returns the Request URL, the Response Body, the Response Code, and the Response Headers.