Ping Identity · OAuth Scopes
Ping Identity OAuth Scopes
OAuth 2.0
searched
Ping Identity publishes 26 OAuth 2.0 scopes via the clientCredentials and authorizationCode flows. Scopes are the fine-grained permissions an application requests at authorization time to act against the Ping Identity API on a user’s behalf.
Tokens are issued from /as/token.
This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.
IdentityAuthenticationAuthorizationSSOMFA
Scopes: 26
Flows: clientCredentials, authorizationCode
Method: searched
OAuth endpoints
Authorization URL
/as/authorize
/as/authorize
Token URL
/as/token
/as/token
Flows
clientCredentialsauthorizationCode
clientCredentialsauthorizationCode
Scopes (26)
| Scope | Description | Flows |
|---|---|---|
| openid | Required scope that tells the authorization server the incoming request is an OpenID Connect request. | |
| profile | Grants access to end-user profile claims including name, family name, given name, middle name, preferred username, nickname, picture, timezone, locale, profile, website, gender, birthdate, and updated timestamp. | |
| Grants access to the email and email_verified claims. | ||
| address | Grants access to address claims including street address, locality, region, postal code, country, and formatted address. | |
| phone | Grants access to the phone_number and phone_number_verified claims. | |
| p1:read:user | Users can retrieve their own user identity and all attributes. | |
| p1:update:user | Users can modify the attributes of their own user identity. | |
| p1:update:userMfaEnabled | Users can enable and disable multi-factor authentication for their own user identity. | |
| p1:create:device | Users can create multi-factor authentication devices for their own user identity. | |
| p1:read:device | Users can retrieve multi-factor authentication devices for their own user identity. | |
| p1:update:device | Users can update multi-factor authentication devices for their own user identity. | |
| p1:delete:device | Users can delete multi-factor authentication devices for their own user identity. | |
| p1:read:userPassword | Users can read the password state for their own user identity. | |
| p1:reset:userPassword | Users can reset the password for their own user identity. | |
| p1:validate:userPassword | Users can validate the password for their own user identity. | |
| p1:read:userLinkedAccounts | Users can read linked accounts for their own user identity. | |
| p1:delete:userLinkedAccounts | Users can delete linked accounts for their own user identity. | |
| p1:create:pairingKey | Users can create a pairing key for their own user identity. | |
| p1:read:pairingKey | Users can read a pairing key for their own user identity. | |
| p1:delete:pairingKey | Users can delete a pairing key for their own user identity. | |
| p1:read:sessions | Users can read sessions for their own user identity. | |
| p1:delete:sessions | Users can delete sessions for their own user identity. | |
| p1:read:userConsent | Users can read consents for their own user identity. | |
| p1:verify:user | Users can verify their own user identity. | |
| p1:read:oauthConsent | Users can read oauth scope consents for their own user identity. | |
| p1:update:oauthConsent | Users can update oauth scope consents for their own user identity. |
📄 Provider scope reference: https://developer.pingidentity.com/pingone-api/foundations/pingone-roles-scopes-and-permissions/access-services-through-scopes-and-roles.html