---
description: On the Configuration page of the PingAuthorize administrative console, go to Authorization and Policies > Policy Decision Service.
component: pingauthorize
version: 10.1
page_id: pingauthorize:pingauthorize_server_administration_guide:paz_request_header_mappings_admin_console
canonical_url: https://docs.pingidentity.com/pingauthorize/10.1/pingauthorize_server_administration_guide/paz_request_header_mappings_admin_console.html
section_ids:
  configuring-policy-request-header-mappings-using-the-administrative-console: Configuring policy request header mappings using the administrative console
  steps: Steps
  example: Example
---

# Configuring policy request header mappings using the administrative console

## Steps

1. On the **Configuration** page of the PingAuthorize administrative console, go to **Authorization and Policies > Policy Decision Service**.

2. In the **Policy Request Header Mappings** section, click **New Policy Request Header Mapping**.

3. In the **Name** field, enter the name of the header.

   |   |                                                |
   | - | ---------------------------------------------- |
   |   | The request header name is not case sensitive. |

4. In the **Attribute Name** field, enter the full name of the attribute that you want to map to the relevant header.

   ![Screen capture of the New Policy Request Header Mapping page, with sample values included in the Name and Attribute Name fields](_images/dfe1717779929404.png)

   |   |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
   | - | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
   |   | The full name of an attribute represents that attribute's full path in the Trust Framework hierarchy. For example, a **Param1** attribute with parent attributes **Request** and **Header** would have a full name of **Request.Header.Param1**. To quickly obtain an attribute's full name, click the hamburger menu of that attribute and select **Copy full name to clipboard**.![Screen capture of the Param1 attribute's hamburger menu selected, and the Copy full name to clipboard option highlighted](_images/qvj1717780006644.png) |

5. Click **Save to PingAuthorize server cluster**.

## Example

Suppose you want to add a request correlation ID so that your logging and monitoring services have full visibility of a decision request's processing journey. This correlation ID is represented by the **x-correlation-id** authorization attribute, which has a parent **Request** attribute. The following policy request header mapping creates a mapping between the `x-correlation-id` header and the **x-correlation-id** attribute:

![Screen capture of the New Policy Request Header Mapping page with an example x-correlation-id mapping defined](_images/lbb1717780099674.png)

To include the modified decision request body in the JSON PDP API response, select the **request** view in the [Decision Response View](paz_config_decision_response_view.html).

![Screen capture of the Decision Response View in the Policy Request Configuration section of the admin console, with the request view selected](_images/nbj1717780176144.png)

|   |                                                                                                                                                                         |
| - | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|   | Selecting the **request** view causes the [Policy Decision Logger](paz_policy_decision_logger.html) to record potentially sensitive data in API requests and responses. |

Suppose a decision request includes a sample **Attribute1** attribute and a header value of `x-correlation-id:abc`. The relevant authorization policy produces a `PERMIT` decision if the **Request.x-correlation-id** attribute equals `"abc"` and a `DENY` decision otherwise:

```json
{
"domain": "example.Domain",
"action": "example.Action",
"service": "example.Service",
"identityProvider": "example.Identity Provider",
"attributes": {
"Attribute1": "A request body attribute"
  }
}
```

The following decision response includes the modified request body, which now includes the `Request.x-correlation-id` attribute set to the `x-correlation-id` header's value:

```json
{
"id": "18e98969-3915-4096-b437-71100ac1d70f",
"deploymentPackageId": "502bdfdf-da19-47c9-b474-0047f77d18de",
"timestamp": "2024-05-23T15:29:30.115879Z",
"elapsedTime": 193449,
"request": {
"domain": "example.Domain",
"service": "example.Service",
"action": "example.Action",
"attributes": {
"Attribute1": "A request body attribute",
"Request.x-correlation-id": "abc"
    }
  },
"decision": "PERMIT",
"authorised": true,
"statements": [],
"status": {
"code": "OKAY",
"messages": [],
"errors": []
  }
}
```