Define policy configuration keys in a preproduction environment
Do not use the Policy Editor in a pre-production or production environment. Define policy configuration keys in the PingAuthorize Server configuration.
About this task
When using embedded PDP mode, policy configuration keys are stored in the PingAuthorize Server configuration, and the server provides the policy configuration key values to the policy engine at runtime. You can use either the administrative console or dsconfig
to define policy configuration keys.
Policy configuration key values are stored in encrypted form in the PingAuthorize Server configuration, so they are suitable for storing sensitive values such as server credentials. |
Define policy configuration keys using the administrative console by following these steps:
Steps
-
In the administrative console, under Authorization and Policies, click Policy Decision Service.
-
Click New Policy Configuration Key.
-
For Name, enter
ConsentBaseUri
. -
For Policy Configuration Value, type the base URI. For example,
https://consent-us-east.example.com/consent/v1
.Example:
-
-
Save the policy configuration key.
-
Repeat the previous steps for the policy configuration keys
ConsentUsername
andConsentPassword
.
Example
The following example shows how to use dsconfig
to create a policy configuration key named ConsentServiceBaseUri
with the value https://example.com/consent/v1
.
dsconfig create-policy-configuration-key \ --key-name ConsentServiceBaseUri \ --set policy-configuration-value:https://example.com/consent/v1