Learn how to add an operation that uses fine-grained policies in PingOne Authorize.
Authorization policies in PingOne Authorize enable you to add more advanced API access rules that require several iterations of configuration and testing before deployment. Policy authoring supports fine-grained logic and an iterative workflow.
In this task, you'll configure an API operation to match the API requests used to start a new game. Instead of configuring basic access rules, you’ll opt into using custom policies.
You’ll create the fine-grained policy in a later task.
-
Click Methods, and then select the
POST method. Press tab or click outside the list of
methods to close it.
-
For Name, enter Start a new
game.
-
Click the Custom toggle, and then click
Save.
Next, confirm that you want to use a custom policy and won’t be able to switch back to using basic rules for this operation.
-
In the Custom Rules window, select the I
understand check box, and then click Switch to Custom
Rules.
Note:All custom policies for operations under the same API service are deployed to the same decision endpoint. You chose the DEV endpoint when you set up the API service in Tutorial 1. You can change the endpoint by editing the API service.
Now, if you expand the operation, it looks like this.
You’ve defined an API operation to match the API requests used to start a new game, and you’ve opted into using fine-grained policies for this operation.
Next, you’ll add attributes in the Trust Framework for your policy logic.