When you make API requests to test configuration of API gateways, API Services, and resource operations, you can review runtime activity logs to ensure components are working correctly and to diagnose configuration problems.

  1. In PingOne, go to Environment > Audit.
  2. Run an audit report to show HTTP Access Policy events:
    1. For Filter Type, select Event Type.
    2. For Filter, select the following options:
      • HTTP Request Policy Evaluated
      • HTTP Response Policy Evaluated
    3. Click Run.
  3. In the Activities table, in the Details column, click View to examine details for HTTP Access Policy events.
    Parameter Description

    API server resources

    The API server name and ID. Also the name and a link to the matched API operation.

    Gateway resources

    The name and ID of the gateway that authenticated to the API, your environment ID, and a link to the gateway in the management API.


    The status is either SUCCESS or FAILED. The description provides an explanation for the success or failure.

    Policy evaluation result

    Evaluation result codes and messages:

    • POLICY_EVALUATION_SUCCEEDED: The request was evaluated successfully to produce a permit or deny decision. The message further explains the decision.
    • POLICY_EVALUATION_FAILED: The request failed because of a policy evaluation error.
    • INVALID_GATEWAY_REQUEST: The authorization plugin sent an invalid request to PingOne.
    • NO_POLICY_FOUND: No matching API server was found to define the policy for the operation.
    • UNEXPECTED_ERROR: An error occurred that doesn’t fall under one of the other result codes.

    The HTTP response status code is also provided.

    Authorization decision

    The decision returned by the decision service for HTTP request events:

    • PERMIT
    • DENY