---
title: Scripting API
description: AM provides the following scriptable extension points. Each extension point is associated with a script type, or context.
component: pingam
version: 8.1
page_id: pingam:am-scripting:scripting-api
canonical_url: https://docs.pingidentity.com/pingam/8.1/am-scripting/scripting-api.html
keywords: ["Scripts", "OAuth 2.0"]
page_aliases: ["scripting-guide:scripting-api.adoc"]
---

# Scripting API

AM provides the following scriptable extension points. Each extension point is associated with a script type, or [*context*](manage-scripts-rest.html#supported-context-values).

Manage scripts through the AM admin UI or the `/scripts` endpoint [using REST calls](manage-scripts-rest.html).

* [Configuration Provider node](https://docs.pingidentity.com/auth-node-ref/8.1/config-provider.html) scripts

  Build a configuration map with custom values and add it to the authentication flow using a Configuration Provider node.

* [Scripted Decision node API](scripting-api-node.html)

  Access data in request headers, shared state, and authenticated session data.

* [Policy condition scripting API](policy-condition-scripting-api.html)

  Access the authorization state data, the information pertaining a session, and the user's profile data in authorization policies.

* [Customize OAuth 2.0](../am-oauth2/customizing-oauth2-scopes.html)

  Extend OAuth 2.0 authorization server behavior:

  * **[Access token modification](../am-oauth2/modifying-access-tokens-scripts.html)** Modify the key-value pairs contained within an OAuth 2.0 access token.

  * **[Authorize endpoint data provider](../am-oauth2/plugins-auth-endpoint-data-provider.html)** Return additional data from an authorization request.

  * **[Scope evaluation](../am-oauth2/plugins-scope-evaluation.html)** Evaluate and return an OAuth2 access token's scope information.

  * **[Scope validation](../am-oauth2/plugins-scope-validation.html)** Customize the set of requested scopes for authorize, access token, refresh token and back channel authorize requests.

  * **[OIDC claims](../am-oauth2/plugins-user-info-claims.html)** Map scopes to claims and data for OIDC tokens.

* [Customize dynamic client registration](../am-oidc1/dynamic-client-registration-script.html)

  Customize an OAuth 2.0 / OIDC dynamic client after a registration request.

* [Token exchange](../am-oauth2/token-exchange.html)

  Add `may_act` claims to OAuth 2.0 / OIDC exchanged tokens.

* [Customize SAML 2.0](../am-saml2/customize-saml2-plugins.html)

  Extend SAML 2.0 functionality:

  * **[IdP attribute mapper](../am-saml2/custom-idp-attribute-mapper.html)** Map user-configured attributes to SAML attribute objects.

  * **[IdP adapter](../am-saml2/custom-idp-adapter.html)** Customize the processing of the authentication request on the IdP.

  * **[SP account mapper](../am-saml2/custom-sp-account-mapper.html)** Customize how SAML 2.0 assertions are mapped to user profiles.

  * **[NameID mapper](../am-saml2/custom-nameid-mapper.html)** Customize the value of the NameID attribute returned in the SAML assertion.

  * **[SP adapter](../am-saml2/custom-sp-adapter.html)** Customize the processing of the authentication request on the SP.

* [PingOne Verify Completion Decision node](https://docs.pingidentity.com/auth-node-ref/8.1/pingone/pingone-verify-completion-decision.html)

  Access information about the PingOne Verify transactions the user has performed and manage the associated user account in PingOne.