Qodex.ai

Configure CLIENT_SECRET_JWT as the token auth method

Number of APIs: 10

This activity shows you how to use a client secret JWT to authenticate a token request.

The following operations are supported by the PingOne APIs:

  • Create an application
  • Create a user
  • Initiate an authorize request
  • Use flow APIs to complete the login
  • Submit a token request

Prerequisites

Get an access token from the worker application that you created in Getting Started with the PingOne APIs. To get a token from a different worker application in an alternate sandbox environment, run the token request endpoint using the client ID and client secret of your chosen worker app to authenticate the request. For more information, see GET a Worker Application Access Token.

Workflow order of operations

To configure this workflow, you must complete the following tasks:

  1. Make a POST request to /environments/{{envID}}/applications to add a new application to the specified environment.

  2. Make a GET request to /environments/{{envID}}/applications/{{appJwtAppID}}/secret to return the new application's secret attribute.

  3. Make a POST request to /environments/{{envID}}/populations to create a new population resource.

  4. Make a POST request to /environments/{{envID}}/users to create a user.

  5. Make a PUT request to /environments/{{envID}}/users/{{userID}}/password to set the new user's password.

  6. Make a GET request to /{{envID}}/as/authorize to submit the authorize request.

  7. Make a GET request to /{{envID}}/flows/{{flowID}} to initiate the sign-on flow.

  8. To complete the login action, make a POST request to /{{envID}}/flows/{{flowID}} and provide the user's login credentials.

  9. Make a GET request to /{{envID}}/as/resume?flowId={{flowID}} to call the resume endpoint and return the auth code.

  10. Make a POST request to /{{envID}}/as/token to exchange the auth code for an access token.

Run In Qodex

  1. Step 3: Create a population POST {{apiPath}}/environments/{{envID}}/populations

  2. Step 1: Create a web application POST {{apiPath}}/environments/{{envID}}/applications

  3. Step 2: Get the application secret GET {{apiPath}}/environments/{{envID}}/applications/{{appJwtID}}/secret

  4. Step 4: Create user POST {{apiPath}}/environments/{{envID}}/users

  5. Step 5: Set user password PUT {{apiPath}}/environments/{{envID}}/users/{{appJwtUserID}}/password

  6. Step 6: Send an authorize request GET {{authPath}}/{{envID}}/as/authorize?client_id={{appJwtID}}&response_type=code&scope=openid&redirect_uri=https://www.example.com

  7. Step 7: Get the flow GET {{authPath}}/{{envID}}/flows/{{flowID}}

  8. Step 8: Submit login credentials POST {{authPath}}/{{envID}}/flows/{{flowID}}

  9. Step 9: Call the resume endpoint GET {{authPath}}/{{envID}}/as/resume?flowId={{flowID}}

  10. Step 10: Get the access token POST {{authPath}}/{{envID}}/as/token