AuthScope PingIdentity Integration
The AuthScope PingAccess plugin provides fine grained access controls for PingAccess protected APIS. The plugin is a PingAccess Rule that gets applied at an application level.
Overview
Runtime Flow
- User Authenticates and get the access_token.
- User Agent requests an API access with an access_token.
- PingAccess validates the access_token with PingFederate. PingFederate returns scopes associated to the access_token.
- PingAccess invokes isAccessAllowed API on AuthScope. Based on the GRANT/DENY response from AuthScope PingAccess either allows or blocks the API.
- On GRANT PingAccess provides access to API.