PingAuthorize

Define the policy information provider in the Trust Framework

Complete the following steps to define the policy information provider (PIP).

Steps

  1. Define an attribute in the Trust Framework for the Consent API’s base HTTPS URL.

    1. Go to Trust Framework and then clickAttributes.

    2. Add a new attribute.

      1. Name the attribute ConsentServiceBaseUri.

      2. Add a resolver.

      3. Set the Resolver type to Configuration Key.

      4. Set the Resolver value to ConsentBaseUri.

      5. Save the attribute.

    The following image shows the attribute configuration.

    Screen capture of the ConsentServiceBaseUri attribute window with the Parent field left blank and the Resolvers section showing the specified configuration
  2. Repeat the previous steps for ConsentUsername and ConsentPassword.

    Result:

    When complete, you should have defined the following attributes.

    Attribute name Policy configuration key name

    ConsentServiceBaseUri

    ConsentBaseUri

    ConsentServiceUsername

    ConsentUsername

    ConsentServicePassword

    ConsentPassword

    Both the attribute names and the policy configuration key names that you use are arbitrary, and you can use any names that you like. For the sake of this example, attribute names do not match configuration key names, but they do not need to differ.

  3. Define the policy information provider using the attributes that you just defined.

    1. Go to Trust Framework and then Services.

    2. Add a new service.

      1. Name the service Consent API.

      2. Leave the Parent value blank. If a value is already present, clear it.

      3. Set Service Type to HTTP.

      4. Set the URL to \{{ConsentServiceBaseUri}}/consents?subject=\{\{HttpRequest.AccessToken.subject}}.

      5. Set Authentication to Basic.

      6. For Username, select the attribute ConsentServiceUsername.

      7. For Password, select the attribute ConsentServicePassword.

    3. Save the new service.

    The following image shows the attributes being used.Screen capture of the Consent API service window showing the specified configurations

    Result:

    You can use the new Consent API policy information provider to build policies.