Configuring an adapter instance
Configure the PingOne Credentials IdP Adapter to determine how PingFederate communicates with PingOne Credentials.
Steps
-
In the PingFederate administrative console, go to Authentication → Integration → IdP Adapters. Click Create New Instance.
-
On the Type tab, set the basic adapter instance attributes.
-
In the Instance Name field, enter a name for the adapter instance.
-
In the Instance ID field, enter a unique identifier for the adapter instance.
-
From the Type list, select PingOne Credentials IdP Adapter. Click Next.
-
-
On the IdP Adapter tab, in the Credential Types and Attributes section, define the credential types and attributes that you want users to present for verification.
-
Click Add a new row to 'Credential Types and Attributes'.
-
In the Credential Type list, select a credential type that you want users to present for verification.
Example:
verifiedEmployee
-
In the corresponding Credential Attribute field, enter any attributes that you want users to present for verification.
Separate the attribute values with commas.
Example:
firstName, lastName
-
In the Action column, click Update.
-
To add more credential types and attributes, repeat steps a-d.
Because the credential issuer and credential verifier can be in different environments, the Credential Type list doesn’t auto-populate credential types for the selected environment. Use the following issuer filters, Requested Issuer(s) by Environment ID and Requested Issuer(s) by Decentralized Identifiers (DID) to filter through environments and find the credential types that you want to include in the credential presentation request.
-
-
Optional: In the Requested Issuer(s) by Environment ID section, enter the PingOne environment ID of a trusted issuer.
-
Click Add a new row to 'Requested Issuer(s) by Environment ID'.
-
In the Issuer by Environment ID field, enter the environment ID of the issuer.
-
In the Action column, click Update.
-
To add more issuers, repeat steps a-d.
-
-
Optional: In the Requested Issuer(s) by Decentralized Identifiers (DID) section, enter the decentralized identifier of a trusted issuer.
-
Click Add a new row to 'Requested Issuer(s) by Decentralized Identifiers (DID)'.
-
In the Issuer by Decentralized Identifier field, enter the decentralized identifier of the issuer.
-
In the Action column, click Update.
-
To add more issuers, repeat steps a-d.
-
-
On the IdP Adapter tab, configure the adapter instance by referring to PingOne Credentials IdP Adapter settings reference. Click Next.
-
On the Extended Contract tab, add all of the attributes that you defined in the Credential Types and Attributes table. Then click Next.
Using the following format, define each attribute separately:
<credentialType>.<credentialAttribute>
Example:
For a
verifiedEmployee
credential type that has two attributes, entered in the Credential Attribute field asfirstName, lastName
, add thefirstName
attribute first:verifiedEmployee.firstName
Then add the
lastName
attribute:verifiedEmployee.lastName
-
On the Adapter Attributes tab, for subject, select the Pseudonym check box. Click Next.
-
On the Adapter Contract Mapping tab, click Configure Adapter Contract and fill out the configuration as necessary. Click Done, then Next.
Make sure to click Configure Adapter Contract and complete a configuration, even if it’s just Configure Adapter Contract → Next → Next → Next → Done → Next. Otherwise, the adapter contract fulfillment isn’t mapped to the adapter.
-
On the Summary tab, review your configuration. Click Save.
Next steps
Complete the Extending the contract procedure.