The XACML-JSON PDP API is implemented as a single endpoint, which consuming application servers can access using POST requests to the /pdp path. The HTTP requests must include the appropriate Content-Type and Accept headers, and request bodies must adhere to the XACML-JSON standard. For more information, see Requests.

XACML-JSON PDP API Endpoint path Action Content-Type/Accept Request data
/pdp POST application/xacml+json XACML-JSON

The XACML-JSON PDP API supports the MultiRequests JSON object, which allows a client to make multiple decision requests in a single HTTP request.

Note:

Because this object also supports single decision requests, it is the only supported XACML-JSON request format. See the XACML-JSON PDP API Reference for more information about making API requests.

A successful XACML-JSON PDP API request goes through the following two-phase flow:

  1. The client makes the XACML-JSON request, which is received by the XACML-JSON PDP API. The API converts the request to a PingAuthorize Server batch decision request and attempts to authorize the client.
  2. On authorize success, the request is handed off to the Policy Decision Service to process decisions in batch for the XACML-JSON PDP API. The API then converts the batch decision responses to a XACML-JSON response and writes the response to the client.

The following sections describe these stages in more detail.