Making decision requests to Authorize gateway instances
Use the POST localhost:<port>/api/authorize
operation to execute a decision request against a gateway instance.
Before you execute decision requests against gateway instances in your organization’s infrastructure, make sure you’ve completed steps 1 - 5 in Setting up an Authorize gateway. |
Authentication
You can enforce client authentication on the /api/authorize
endpoint by configuring a shared secret. Learn more in Authentication for Authorize gateway endpoints.
Request body
The request body requires the parameters
property.
The userContext
property is required when your authorization policies include built-in PingOne User attributes. Learn more in Built-in attributes.
Parameters consist of an attribute name and value separated by a colon. For example:
{ "parameters": { "Amount": "990", "Account": "Basic Checking", "Payment.consentId": "{{consentID}}" }, "userContext": { "user": { "id": "{{userID}}" } } }
Example request
curl --location 'http://localhost:8080/api/authorize' \ --header 'Authorization: Bearer example-secret' \ --header 'Content-Type: application/json' \ --data ' { "parameters": { "Amount": "990" }, "userContext": { "user": { "id": "12356bca-0e34-4c02-8b19-51349ddd4ed5" } } }'
Example response
{ "id": "13234d13-7cc5-4394-a1a4-c685cbff4a5d", "authorizationVersion: { "id": "2027cfbe-4fcc-46f8-9c2f-d1f34983a43f" }, "timestamp": "2025-07-25T23:09:11.439455948Z", "elapsedMicroseconds": 409, "decision": "PERMIT", "authorized": true, "statements": [], "status": { "code": "OKAY", "messages": [], "errors": [] } }