Update PingOne access control scope
PUT {{apiPath}}/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}}
The PUT /environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}} operation updates the property values of the identified access control scope. At this time, PingOne supports updates for the p1:read:user:{suffix} and p1:update:user:{suffix} platform scopes.
To update the list of accessible user schema attributes, the request body must specify the scope name and it must expressly list the accessible user attributes in the schemaAttributes property. Any user schema attributes not specified in the schemaAttributes property list are not accessible. The response returns a 200 OK message, and it shows the updated property data for the modified scope resource.
Important: The p1:update:user:{suffix} self-service scope is not granted if the user authenticates with an authoritative identityProvider - the user has a user.identityProvider.id value set and their user.identityProvider.type value is not PING_ONE.
Prerequisites
See Resources, especially Resource operations for important overview information.
Read all resources to find the
resourceIDfor the endpoint. Use theresourceIDwith thenamePingOne API
and thetypePINGONE_API
.
| Property | Type | Required? |
|---|---|---|
description | String | Optional |
name | String | Required |
schemaAttributes | String[] | Required |
See the Resource scopes data model for full property descriptions.
Request Body
{"name"=>"p1:update:user", "description"=>"An UPDATED access control scope that includes only the user schema attributes listed in the schemaAttributes property", "schemaAttributes"=>["name.family", "name.given", "email", "address.streetAddress", "address.locality", "address.region", "address.postalCode", "address.countryCode", "primaryPhone", "mobilePhone"]}