Authorization is the process of giving someone the ability to access a digital resource. To keep sensitive information protected, you should limit user access to only the resources that they need.

Both the PingOne Cloud Platform and PingOne Advanced Services support a variety of authorization protocols and extensions, including OAuth 2.0, Proof Key for Code Exchange (PKCE), OIDC Discovery, and the device authorization grant (Q2 2023 for PingOne SaaS).

PingOne Advanced Services also supports:

  • Pushed Authorization Requests (PAR), which initiate OAuth and OIDC flows.
  • JSON Web Tokens (JWTs) as client secrets and JWT profiles for client authentication.
  • Token exchange.
  • Open banking. Designed to enhance the customer experience, open banking enables third-party financial providers to gain access to consumer data, transactions, and other relevant information, directly from banks and non-bank financial institutions through an API.