Configuring an adapter instance
Configure the PingOne DaVinci IdP Adapter to determine how PingFederate communicates with PingOne DaVinci.
Steps
-
In the PingFederate administrative console, create a new IdP adapter instance:
Choose from:
-
For PingFederate 10.1 or later: go to Authentication > Integration > IdP Adapters. Click Create New Instance.
-
For PingFederate 10.0 or earlier: go to Identity Provider > Adapters. Click Create New Instance.
-
-
On the Type tab, set the basic adapter instance attributes.
-
In the Instance Name field, enter a name for the adapter instance.
-
In the Instance ID field, enter a unique identifier for the adapter instance.
-
From the Type list, select PingOne DaVinci IdP Adapter. Click Next.
-
-
Optional: On the IdP Adapter screen, in the Simple Parameter Mappings section, select pre-defined parameters to send from PingFederate to DaVinci.
The adapter sends your Simple Parameter Mappings and Advanced Parameter Mappings to DaVinci. In DaVinci, you can access these parameters by configuring your flow’s input schema to expect the DaVinci Parameter Name values you define here.
For more information about other input parameter options, see the Parameter reference in the PingFederateSDK documentation and Extended properties in the PingFederate documentation.
-
Click Add a new row to 'Simple Parameter Mappings (optional)'.
-
In the Source list, select the pre-defined parameter you want to send.
-
In the DaVinciAttribute field, enter a key name to use when sending the parameter to PingOne.
-
In the Action column, click Update.
-
To add more attributes, repeat steps a-d.
-
-
Optional: On the IdP Adapter screen, in the Advanced Parameter Mappings section, define custom parameters to send from PingFederate to DaVinci.
-
Click Add a new row to 'Advanced Parameter Mappings (optional)'.
-
In the Source Type list, select the type of parameter you want to send.
- Chained Attributes
-
The attributes that are made available by other adapters and selectors in your PingFederateauthentication policy.
- Extended Properties
-
These parameters store additional information about connections, OAuth clients, or both. For details, see Extended properties in the PingFederate documentation.
- Request Claims
-
The claims PingFederatereceived within an OAuth/OpenID Connect Request Object or the parameters of a pushed authorization request.
- Tracked HTTP Request Parameters
-
The tracked HTTP request parameters that were included in the initial HTTP request of the current transaction.
-
In the Source Parameter field, enter the exact name of the parameter you want to send to DaVinci. The parameter must be available to the adapter from the Source Type that you selected.
-
In the PingOne Attribute field, enter a key name to use when sending the parameter to DaVinci.
-
In the Action column, click Update.
-
To add more attributes, repeat steps a-e.
-
-
Optional: On the IdP Adapter screen, in the DaVinci Response Mappings section, map attributes from the PingOne response to the attribute contract.
These attributes become available in your PingFederateauthentication policy.
Before using the table, check the Extended Contract tab to see which attributes are already included in the core contract.
-
Click Add a new row to 'DaVinci Response Mappings (optional)'.
-
In the Local Attribute field, enter a name for the new attribute.
-
In the DaVinci Attribute Mapping field, enter the JSON Pointer syntax for the value of the matching PingOne attribute.
For help, see JSON Pointer syntax reference.
-
In the Action column, click Update.
-
To add more attributes, repeat steps a-d.
-
-
On the IdP Adapter screen, enter the values for Company ID, Policy ID, API Key, and Subject Attribute Path.
You noted the values for Company ID, Policy ID, and API Key when you created the application in Adding an application in DaVinci.
In Building a flow in DaVinci, you gave the Name of the field containing the additional properties field a value of
additionalProperties
. We added theusername
property toadditionalProperties
, so the Subject Attribute Path value becomes/additionalProperties/username
. -
On the Extended Contract tab, add any Local Attributes that you added in the DaVinci Response Mappings table. Click Next.
-
On the Adapter Attributes tab, set pseudonym and masking options as shown in Set pseudonym and masking options in the PingFederate documentation. Click Next.
-
On the Adapter Contract Mapping tab, configure the contract fulfillment details for the adapter as shown in Define the IdP adapter contract in the PingFederate documentation. Click Next.
-
On the Summary tab, check and save your configuration:
Choose from:
-
For PingFederate 10.1 or later: click Save.
-
For PingFederate 10.0 or earlier: click Done. On the Manage IdP Adapter Instances tab, click Save.
-