Testing redirect flows with OAuth Playground - PingFederate - 10.3

Use Cases

bundle
solution-guides
ft:publication_title
Use Cases
Product_Version_ce
category
ContentType
howtodoc
ContentType_ce
How-to
  1. Open OAuth Playground.
    For instructions on installing and configuring OAuth Playground, see OAuth Playground in the PingFederate documentation.
  2. In the left navigation pane, click Authorization Code and enable OpenID Connect.
    Screen capture of PingFederate OAuth Playground Authorization Code page with Use OpenID Connect toggled on as an Endpoint Parameter.
  3. Click Submit.

    You're redirected to the API Explorer.

    Screen capture of PingFederate Authentication API Explorer home page.
    Note:

    Usually this would direct you to a sign-on page hosted on PingFederate, but you redirected the flow by adding the API application with the URL of the API Explorer and selecting the application in the active authentication policy.

  4. In the Authentication Adapter/Selector list, select HTML Form IdP Adapter.
  5. Click Get to initiate the Authentication phase of the flow.
    Screen capture of PingFederate Authentication API Explorer Flow ID retrieval result.
    Note:

    The status is set to USERNAME_PASSWORD_REQUIRED.

  6. Expand the USERNAME_PASSWORD_REQUIRED section.
    Screen capture of PingFederate Authentication API Explorer USERNAME_PASSWORD_REQUIRED section with checkUsernamePassword expanded to show the value editor.
  7. Click Paste Model Template and edit the template with your credentials.
  8. Click Post.

    The request will look like the following.

    POST https://localhost:9031/pf-ws/authn/flows/VKX4Q?action=checkUsernamePassword
    
    
    {
    "username": "user.1",
    "password": "Password1"
    }

    The response after you post will look like the following.

    {
    "id": "g2H6A",
    "pluginTypeId": "7RmQNDWaOnBoudTufx2sEw",
    "status": "RESUME",
    "resumeUrl": "https://localhost:9031/as/g2H6A/resume/as/authorization.ping",
    "_links": {
    "self": {
    "href": "https://localhost:9031/pf-ws/authn/flows/g2H6A"
    }
    }
    }
  9. Under the Post button, in the Result code box, click Resume URL.
    Screen capture of PingFederate Authentication API Explorer USERNAME_PASSWORD_REQUIRED section with the results from posting the user credentials.

    You're redirected to the OAuth Playground.

  10. Click Submit to exchange your authorization code for a valid token by sending a request to the /as/token.oauth2 endpoint.

    You can see the text for the provided access_token and id_token.

    Screen capture of OAuth Playground Authorization Code page with text for access_token and id_token displayed.
  11. Click Validate on either token to have OAuth Playground validate the tokens and display any embedded claims.

    You’ve successfully used the Authentication API to simulate an authentication portal experience.