---
title: Configuring Policy Editor policy request header mappings
description: You can configure the Policy Editor to enforce request header mappings during policy development and testing.
component: pingauthorize
version: 11.0
page_id: pingauthorize:pingauthorize_server_administration_guide:paz_config_pe_request_header_mapping
canonical_url: https://docs.pingidentity.com/pingauthorize/11.0/pingauthorize_server_administration_guide/paz_config_pe_request_header_mapping.html
revdate: June 27, 2024
section_ids:
  about-this-task: About this task
  steps: Steps
---

# Configuring Policy Editor policy request header mappings

You can configure the Policy Editor to enforce request header mappings during policy development and testing.

## About this task

By defining a policy request header mapping, you can map a decision request header to a Trust Framework attribute. The Policy Editor uses this mapping to dynamically populate the attribute's value with the value of an incoming request header, enabling you to leverage header data as additional context in the request body.

You can configure policy request header mappings in embedded policy decision point (PDP) mode for production environments. Learn more in [Configuring policy request header mappings](paz_policy_request_header_mappings.html).

## Steps

1. Make a copy of the default options file:

   ```shell
   $ cp config/options.yml my-options.yml
   ```

2. In the `core` section of the new options file, uncomment the `decisionRequestHeaderMapping` field.

3. In the `headerKeys` field, enter a list of mappings in the form of key-value pairs, where the key is the header name and the value is the attribute's full name:

   ```
   decisionRequestHeaderMapping:
     enabled:true
     headerKeys:
       "x-correlation-id": "Request.Headers.x-correlation-id"
   ```

   |   |                                                                                                                                                                                                                                                                                                                                                                          |
   | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
   |   | The full name of an attribute represents that attribute's full path in the Trust Framework hierarchy. For example, a **Param1** attribute with parent attributes **Request** and **Header** would have a full name of **Request.Header.Param1**. To quickly obtain an attribute's full name, in the attribute's hamburger menu , select **Copy full name to clipboard.** |

   ![Screen capture of the Param1 attribute's hamburger menu selected, and the Copy full name to clipboard option highlighted](_images/qvj1717780006644.png)

   |   |                                        |
   | - | -------------------------------------- |
   |   | The header name is not case sensitive. |

4. Stop the Policy Editor.

5. Run `setup` using the `--optionsFile` argument and customize all other options as appropriate:

   ```shell
   $ bin/setup demo \
     --adminUsername admin \
     --generateSelfSignedCertificate \
     --decisionPointSharedSecret pingauthorize \
     --hostname <pap-hostname> \
     --port <pap-port> \
     --adminPort <admin-port> \
     --licenseKeyFile <path-to-license> \
     --optionsFile my-options.yml
   ```

6. Start the Policy Editor.

   ```shell
   $ bin/start-server
   ```