Configuring bearer token authentication
Configure an access token validator.
About this task
You can configure the Consent Service to use a single validator. |
Steps
-
Configure an access token validator using
dsconfig
.Example:
This example shows an access token validator configured on a PingDirectory server for a PingFederate server.
$ bin/dsconfig create-external-server \ --server-name PingFederate \ --type http \ --set base-url:https://my-ping-federate-server:1443/
$ bin/dsconfig create-access-token-validator \ --validator-name "PingFederate Token Validator" \ --type ping-federate \ --set enabled:true \ --set "identity-mapper:User ID Exact Match" \ --set authorization-server:PingFederate \ --set client-id:id \ --set client-secret:secret
-
Optional: If more than one access token validator is configured on a PingDirectory server, you can configure the Consent Service to use a single validator with the following command.
Example:
$ bin/dsconfig set-http-servlet-extension-prop \ --extension-name Consent \ --set "access-token-validator:PingFederate Token Validator"