Qodex.ai

Add a User through a Registration Flow

Number of APIs: 9

This activity shows you how to create a sign-on policy with registration enabled, initiate an authorization request, and use the flow APIs to create and verify a new user account.

The following operations are supported by the PingOne APIs:

  • Create an application
  • Create a sign-on policy
  • Initiate an authorize request
  • Use flow APIs to create a new user
  • Use flow APIs to verify the new user

Prerequisites

Get an access token from the worker application that you created in Getting Started with the PingOne APIs. To get a token from a different worker application in an alternate sandbox environment, run the token request endpoint using the client ID and client secret of your chosen worker app to authenticate the request. For more information, see GET a Worker Application Access Token.

Workflow order of operations

To create a new user through a registration flow, the following tasks must be completed successfully:

  1. Make a POST request to /environments/{{envID}}/applications to add a new application to the specified environment.

  2. Make a POST request to /environments/{{envID}}/populations to create a new population for the reistered user.

  3. Make a POST request to /environments/{{envID}}/signOnPolicies to create a new sign-on policy that enables user registration.

  4. Make a POST request to /environments/{{envID}}/signOnPolicies/{{signOnPolicyID}}/actions to define the registration action associated with this sign-on policy.

  5. Make a POST request to /environments/{{envID}}/applications/{{appID}}/signOnPolicyAssignments to create associate the registration sign-on policy with the application.

  6. Make a GET request to /{{envID}}/as/authorize to obtain an authorization grant. This request starts the authorization flow.

  7. Make a GET request to /{{envID}}/flows/{{flowID}} to get the flow.

  8. Make a POST request to /{{envID}}/flows/{{flowID}} to register the new user.

  9. Make a POST request to /{{envID}}/flows/{{flowID}} to verify the new user account.

  10. Make a GET request to /environments/{{envID}}/users/ to verify that the new user exists in the PingOne directory.

  1. Step 9: Verify user POST {{authPath}}/{{envID}}/flows/{{flowID}}

  2. Step 1: Create an application POST {{apiPath}}/environments/{{envID}}/applications

  3. Step 2: Create a population for registered users POST {{apiPath}}/environments/{{envID}}/populations

  4. Step 3: Create the new sign-on policy POST {{apiPath}}/environments/{{envID}}/signOnPolicies

  5. Step 4: Create the sign-on policy action with registration enabled POST {{apiPath}}/environments/{{envID}}/signOnPolicies/{{registrationPolicyID}}/actions

  6. Step 5: Assign the sign-on policy to an application POST {{apiPath}}/environments/{{envID}}/applications/{{RegistrationAppID}}/signOnPolicyAssignments

  7. Step 6: Send the authorization request GET {{authPath}}/{{envID}}/as/authorize?response_type=code&redirect_uri=https://www.example.com&scope=openid profile&client_id={{RegistrationAppID}}

  8. Step 7: Get the flow GET {{authPath}}/{{envID}}/flows/{{flowID}}

  9. Step 10: Get users GET {{apiPath}}/environments/{{envID}}/users