Managing Client Registration Policy instances
The Client Registration Policy plugin allows you to write custom processing rules to provide additional control over which registrations and configurations are accepted and stored for each client created with the OAuth 2.0 Dynamic Client Registration protocol.
About this task
Depending on the technical requirements of your use cases, you can create Client Registration Policy plugins using the PingFederate SDK. After deploying your plugins, you can create and configure instances of them. Configuration requirements vary based on your custom solutions. When you are ready to configure dynamic client registration, add your policies to its configuration.
Steps
-
Implement the
DynamicClientRegistrationPlugin
interface.For more information, refer to the Javadoc for the
DynamicClientRegistrationPlugin
interface, theSoftwareStatementValidatorPlugin.java
file for a sample implementation, and the SDK developer’s guide for build and deployment information.The Javadoc for PingFederate and the sample implementation are in the
<pf_install>/pingfederate/sdk
directory. -
Create, modify, or remove one or more instances.
Choose from:
-
To configure a new instance, click Create New Instance.
-
To modify an existing instance, select it under Instance Name.
-
To remove an existing instance or to cancel the removal request, click Delete or Undelete under Action.
You can remove a Client Registration Policy instance only if it is not currently in-use by dynamic client registration.
-
To save the plugin configuration, click Save.
-
Result
A Client Registration Policy instance is not enforced, or executed as part of the dynamic client registration process, until it is selected on the Client Registration Policies window |