Qodex.ai

Configure a Simple Login

Number of APIs: 13

This activity shows you how to create a simple login using only a username and password. You'll create a login sign-on policy, initiate an authorization request, and use the flow APIs to complete the authorization.

The following operations are supported by the PingOne APIs:

  • Create an application
  • Create a sign-on policy
  • Create a login sign-on policy action
  • Create a user
  • Initiate an authorize request
  • Use flow APIs to complete the login

Prerequisites

Get an access token from the worker application that you created in Getting Started with the PingOne APIs. To get a token from a different worker application in an alternate sandbox environment, run the token request endpoint using the client ID and client secret of your chosen worker app to authenticate the request. For more information, see GET a Worker Application Access Token.

Workflow order of operations

To configure a simple login with a username and password, you must complete the following tasks:

  1. Make a POST request to /environments/{{envID}}/applications to add a new application to the specified environment.

  2. Make a GET request to /environments/{{envID}}/applications/{{webAppSimpleLoginId}}/secret to return the new application's secret attribute.

  3. Make a POST request to /environments/{{envID}}/signOnPolicies to create a new sign-on policy.

  4. Make a POST request to /environments/{{envID}}/signOnPolicies/{{signOnPolicyID}}/actions to define the login action associated with this sign-on policy.

  5. Make a POST request to /environments/{{envID}}/applications/{{appID}}/signOnPolicyAssignments to associate the sign-on policy with the application.

  6. Make a POST request to /environments/{{envID}}/populations to create a new population resource.

  7. Make a POST request to /environments/{{envID}}/users to create a user to assign to the new population resource.

  8. Make a PUT request to /environments/{{envID}}/users/{{userID}}/password to set the new user's password.

  9. Make a GET request to /{{envID}}/as/authorize to obtain an authorization grant. This request starts the authorization flow.

  10. Make a GET request to /{{envID}}/flows/{{flowID}} to initiate the sign-on flow.

  11. To complete the login action, make a POST request to /{{envID}}/flows/{{flowID}} and provide the user's login credentials.

  12. Make a GET request to /{{envID}}/as/resume?flowId={{flowID}} to call the resume endpoint and return the auth code.

  13. Make a POST request to /{{envID}}/as/token to exchange the auth code for an access token.

  1. Step 6: Create a population for simple login users POST {{apiPath}}/environments/{{envID}}/populations

  2. Step 7: Create a user POST {{apiPath}}/environments/{{envID}}/users

  3. Step 2: Get the application secret GET {{apiPath}}/environments/{{envID}}/applications/{{webAppSimpleLoginId}}/secret

  4. Step 4: Create the login sign-on policy action POST {{apiPath}}/environments/{{envID}}/signOnPolicies/{{SimpleLoginSignonPolicyID}}/actions

  5. Step 8: Set user password PUT {{apiPath}}/environments/{{envID}}/users/{{SimpleLoginUserID}}/password

  6. Step 1: Create a web application POST {{apiPath}}/environments/{{envID}}/applications

  7. Step 9: Send an authorization request GET {{authPath}}/{{envID}}/as/authorize?response_type=code&client_id={{webAppSimpleLoginId}}&redirect_uri=https://www.google.com&scope=openid

  8. Step 10: Get the flow GET {{authPath}}/{{envID}}/flows/{{flowID}}

  9. Step 11: Submit login credentials POST {{authPath}}/{{envID}}/flows/{{flowID}}

  10. Step 12: Call the resume endpoint GET {{authPath}}/{{envID}}/as/resume?flowId={{flowID}}