Define the policy information provider in the Trust Framework
Complete the following steps to define the policy information provider (PIP).
Steps
-
Define an attribute in the Trust Framework for the Consent API’s base HTTPS URL.
-
Go to Trust Framework and then clickAttributes.
-
Add a new attribute.
-
Name the attribute
ConsentServiceBaseUri
. -
Add a resolver.
-
Set the Resolver type to Configuration Key.
-
Set the Resolver value to
ConsentBaseUri
. -
Save the attribute.
-
The following image shows the attribute configuration.
-
-
Repeat the previous steps for
ConsentUsername
andConsentPassword
.Result:
When complete, you should have defined the following attributes.
Attribute name Policy configuration key name ConsentServiceBaseUri
ConsentBaseUri
ConsentServiceUsername
ConsentUsername
ConsentServicePassword
ConsentPassword
Both the attribute names and the policy configuration key names that you use are arbitrary, and you can use any names that you like. For the sake of this example, attribute names do not match configuration key names, but they do not need to differ.
-
Define the policy information provider using the attributes that you just defined.
-
Go to Trust Framework and then Services.
-
Add a new service.
-
Name the service Consent API.
-
Leave the Parent value blank. If a value is already present, clear it.
-
Set Service Type to HTTP.
-
Set the URL to \{{ConsentServiceBaseUri}}/consents?subject=\{\{HttpRequest.AccessToken.subject}}.
-
Set Authentication to Basic.
-
For Username, select the attribute
ConsentServiceUsername
. -
For Password, select the attribute
ConsentServicePassword
.
-
-
Save the new service.
The following image shows the attributes being used.
Result:
You can use the new Consent API policy information provider to build policies.
-