Making decision requests to Authorize gateway instances
Decision requests determine whether a user or system is permitted to perform a specific action. Authorize gateway instances evaluate decision requests in your organization’s infrastructure, while authorization policies are centrally managed in PingOne. This approach combines the performance of self-managed evaluation and enforcement with the convenience of centralized policy administration.
Use the POST localhost:<port>/api/authorize operation to execute a decision request against a gateway instance. You can enforce client authentication on the /api/authorize endpoint by configuring a shared secret. Learn more in Authentication for Authorize gateway endpoints.
|
Before making decision requests to gateway instances, make sure you’ve completed steps 1 - 5 in Setting up an Authorize gateway. |
Gateway instances can handle the following types of decision requests:
-
Individual request: A single decision request including a set of parameters and optional PingOne user context.
-
Bulk request: An array of individual decision requests sent in a single API call. Bulk requests reduce latency and network overhead when you need to evaluate several access scenarios at once.
You can find complete request and response schemas, including examples and supported parameters, in the PingOne Authorize API Reference documentation: