Learn how to add an operation that will use fine-grained custom policies in PingOne Authorize for access control.
Custom authorization policies in PingOne Authorize enable you to add more advanced API access rules that might require several iterations of configuration and testing before deployment. Custom policy authoring supports fine-grained logic and an iterative workflow.
When you added the Meme Game API service in Tutorial 1: Adding a managed API service for the Meme Game in PingOne, you enabled custom policies for the API service. In this task, you'll create an API operation for the Meme Game API service that matches the API request used to start a new game. You’ll create the custom policy in a later task.
- In PingOne, go to .
- Click the Meme Game API service, and then click the Operations tab.
Click Define Operation to create a new operation.
First, define the operation by configuring a method and path combination that matches a client request to the API.
Click Methods, and then select the
POST method. Press tab or click outside the list of
methods to close it.
For Paths, enter the following:
This is the API path for starting a new game. The path must start with a slash (/).
For Name, enter Start a new
- Click Next, and then click Save.
You’ve defined an API operation that matches the API request used to start a new game.
Next, you’ll add attributes in the Trust Framework for your policy logic.