Publishing policy versions to Authorize gateway instances
You can publish policy and Trust Framework versions to gateway instances through Version History in PingOne or you can use an Authorize gateway.
Publishing a version is like saving a snapshot of your policies and Trust Framework definitions. The published version reflects the state of these objects at a specific point in time. Learn more in Version history.
You can also publish policy versions to cloud-based decision endpoints. However, decision endpoints don’t provide the data residency and reduced latency benefits of gateway instances deployed in your organization’s infrastructure. |
Each gateway instance that is associated with the same Authorize gateway uses the authorization version published to that gateway. When you publish a version to an Authorize gateway, the authorization version deployment configuration is downloaded and stored locally with the gateway instance in your infrastructure.
Publishing could fail if policies include features that aren’t compatible with gateway instances, such as version differences or unsupported features. Learn more in Policies published to Authorize gateways. |
Before you begin
-
Build your authorization policies in PingOne. Learn more in Policies.
-
Version History
Publish a version in Version History
You can use Version History to publish authorization versions to gateway instances. This method enables you to view which versions are published to particular Authorize gateways.
Steps
-
In the PingOne admin console, go to Authorization > Version History.
-
Click the More Options (⋮) icon next to the version you want to publish and select Publish Version.
In this example, the Prod Gateway, Test Gateway, and Dev Gateway Authorize gateways were created using the Bootstrap authorization version. You can also see that the Prod and Test cloud-based decision endpoints use the Bootstrap version, and that the Dev decision endpoint uses the latest policy version by default. You’ll publish versions to Authorize gateways and not to cloud-based decision endpoints.
-
In the Publish to list, select an Authorize gateway.
-
If you’re publishing the latest version, which is unnamed, enter a Name that makes the version easy to identify.
If you’re publishing a version that’s already named, you can use the existing name or change it.
-
Click Publish.
Result:
The latest version is renamed and it is now published to the Dev Gateway, in addition to the Dev decision endpoint.