PingAM

Social IdP scripting API

The following bindings are available to social identity provider (IdP) scripts that are used by the following components:

This script can be either a legacy or a next-generation script. It has access to all the common bindings for its scripting context.

Learn about converting existing scripts in Migrate OAuth scripts to next-generation scripts.

Legacy API

For Legacy, the following bindings are available to the Social Identity Provider Profile Transformation script context:

  • jwtClaims

  • normalizedProfile

  • rawProfile

  • requestHeaders

  • requestParameters

  • selectedIdp

  • sharedState

  • transientState

Next-generation API

For next-generation, scripting functionality is divided between the following contexts, each of which has access to a subset of the bindings:

Context Bindings

Social Identity Provider Profile Transformation (Next-Gen)

  • rawProfile

  • requestHeaders

  • requestParameters

  • selectedIdp

Social Provider Handler Node

  • normalizedProfile

  • requestHeaders

  • requestParameters

  • selectedIdp

OIDC Node

  • jwtClaims

  • requestHeaders

  • selectedIdp

Bindings

In addition to the common bindings, the social IdP scripts have access to the following bindings:

Binding Description Legacy type Next-generation type

jwtClaims

The JWT claims.

An object representing a JSON value.

Map of JSON value objects.

Only available to OIDC node scripts.

normalizedProfile

The object that stores the normalized profile data.

An object representing a JSON value.

Map of JSON value objects.

Only available to Social Provider Handler node scripts.

rawProfile

The object that stores the social IdP profile attributes in the format received by the provider.

For example:

rawProfile.get('sub');
rawProfile.get('name');
rawProfile.get('given_name');
rawProfile.get('family_name');
rawProfile.get('picture');
rawProfile.get('email');
rawProfile.get('email');
rawProfile.get('locale');

An object representing a JSON value.

Map of JSON value objects.

Only available to Social IdP Profile Transformation scripts

requestHeaders

Access the HTTP headers provided in the login request by calling:

String[] requestHeaders.get(String header).

For example:

var hostName = requestHeaders.get("host").get(0);

Map<String, List<String>>

Map<String, List<String>>

requestParameters

Access the HTTP request parameters provided in the login request by calling String[] requestParameters.get(String param).

For example:

var authType = requestParameters.get("authIndexType").get(0);

Map<String, List<String>>

Map<String, List<String>>

sharedState

Deprecated in favor of the common binding,nodeState.

Not available

selectedIdp

The social identity provider name. For example: google.

String

String

transientState

Deprecated in favor of the common binding,nodeState.

Not available