Qodex.ai

Configure a Single-Page Application with an Implicit Grant

Number of APIs: 11

This activity shows you how to create an single-page application, configure its connection settings, create a resource access grant, and initiate an authorization request.

The following operations are supported by the PingOne APIs:

  • Create an application
  • Create a resource access grant
  • Initiate an implicit authorization and authentication flow

Prerequisites

Get an access token from the worker application that you created in Getting Started with the PingOne APIs. To get a token from a different worker application in an alternate sandbox environment, run the token request endpoint using the client ID and client secret of your chosen worker app to authenticate the request. For more information, see GET a Worker Application Access Token.

Workflow order of operations

To configure a single-page application and initiate an authentication flow, the following tasks must be completed successfully:

  1. Make a POST request to /environments/{{envID}}/applications to add a new application to the specified environment.

  2. Make a GET request to /environments/{{envID}}/resources to return a list of all resource entities associated with the specified environment to get the ID for the PingOne platform resource.

  3. Make a GET request to /environments/{{envID}}/resources/{{resourceID}}/scopes to list all scopes associated with a specified resource (the PingOne platform resource).

  4. Make a POST request to /environments/{{envID}}/applications/{{appID}}/grants to create a new resource access grant for the application.

  5. Make a POST request to /environments/{{envID}}/populations to create a new population resource.

  6. Make a POST request to /environments/{{envID}}/users to create a user who will be assigned to the new population resource.

  7. Make a POST request to /environments/{{envID}}/users/{{userID}}/password to set the new user's password.

  8. Make a POST request to /{{envID}}/as/authorize to obtain an authorization grant. This request starts the authorization flow.

  9. To initiate the authentication flow, make a GET request to GET /{{envID}}/flows/{{flowID}}.

  10. To complete the authentication flow, make a POST request to GET /{{envID}}/flows/{{flowID}} and provide the user's login credentials.

  11. Make a GET request to /{{envID}}/as/resume?flowId={{flowID}} to call the resume endpoint and return the token.

  1. Step 7: Set user password PUT {{apiPath}}/environments/{{envID}}/users/{{appUserID}}/password

  2. Step 6: Create user POST {{apiPath}}/environments/{{envID}}/users

  3. Step 11: Call the resume endpoint GET {{authPath}}/{{envID}}/as/resume?flowId={{flowID}}

  4. Step 1: Create a single-page application POST {{apiPath}}/environments/{{envID}}/applications

  5. Step 2: Get the list of resources GET {{apiPath}}/environments/{{envID}}/resources

  6. Step 3: Get all scopes GET {{apiPath}}/environments/{{envID}}/resources/{{oidcResID}}/scopes

  7. Step 4: Create the application's resource access grant POST {{apiPath}}/environments/{{envID}}/applications/{{SPAppWithImplicitGrantID}}/grants

  8. Step 8: Send the authorize request GET {{authPath}}/{{envID}}/as/authorize?response_type=token&client_id={{SPAppWithImplicitGrantID}}&redirect_uri=https://www.google.com&scope=profile

  9. Step 9: Get the Flow GET {{authPath}}/{{envID}}/flows/{{flowID}}

  10. Step 10: Submit Login Credentials POST {{authPath}}/{{envID}}/flows/{{flowID}}