Before you connect to an HTTP service, you can add attributes that store values for service settings, such as the endpoint URL for an HTTP request. After you finish the configuration, test the service connection. To use the service response, add attributes that resolve against the service and process the response to extract required values.

Add a service, configure the following HTTP settings, then configure general settings to finish the service connection.

HTTP Settings

HTTP service requests can send and receive text, JSON, and XML content.

Screen capture showing the Service Type, URL, HTTP Method, Body, and Authentication HTTP service settings.
HTTP settings
Setting Description

URL

URL for the REST endpoint the decision point accesses in the HTTP request.

To include an attribute anywhere in the URL, wrap the full name of the attribute in double curly brackets.

Note:

Because there is no URL encoding in service settings, use a SpEL processor in the attribute definition to perform URL encoding.

For example, you can use a SpEL processor similar to this in the attribute resolver:

#string.asUrlEncoded(#this.value)

HTTP Method

Action performed in the HTTP request. Options are GET, POST, PUT, DELETE, and HEAD.

Content Type

The media type of the content in the HTTP request. Options are application/json, application/xml, and text/html.

Body

The body sent with the HTTP request. You can include attributes anywhere in the body, with no escaping, by wrapping the full name of the attribute in double curly brackets.

Authentication

HTTP authentication type for the authorization header sent with the HTTP request:

  • None: No authorization header is sent with the HTTP request.
  • Basic: Basic authentication with a username and password.
  • OAuth2: Bearer authentication with a token. Select an attribute that stores the authorization token to send with the HTTP request.
Note:

You can configure HTTP headers to use additional authentication mechanisms. For example, you have full control over the Authorization header and other headers.

Headers

You can send any number of custom header key-value pairs with a request. To make the header dynamic, select an attribute for the header value.

Screen capture showing the Key and Value HTTP service header settings.

To add a header:

  1. Click + Header.
  2. Enter the header Key.

    The key is a fixed string.

  3. For the header Value, enter a constant value or click Switch to attribute button. to select an attribute.

SSL/TLS Certificate Settings

Certificate validation in PingOne Authorize allows you to enable or disable SSL and TLS certificates when connecting to SSL or TLS-based services.

Screen capture showing the Certificate Validation list in SSL/TLS certificate settings for HTTP services.

SSL and TLS certificate settings apply when validating the certificate or certificate chain sent from the server. The following Certificate Validation options are available:

  • On: Performs TLS validation when connecting to the service. Select this option when you connect to a service that has a certificate issued from a valid certificate authority. This setting is enabled by default.
  • Off: Skips server certificate validation and allows initiation of the connection without validation.

Value processors

You can define value processors to transform data returned by the HTTP service. For more information, see Processors.