Mapping token exchange attributes to access token manager attributes
When configuring the OAuth authorization server to exchange security tokens, if it uses an access token manager instances to generate requested tokens, then map the attributes in the attribute contract produced by the token exchange processor policy to the attributes in the tokens created by the access token manager instances.
Before you begin
Before you perform the following procedure:
-
Define the token exchange processor policies. See Defining token exchange processor policies.
-
Configure the access token managers instances. See Managing access token management instances.
About this task
In the Access Token Mapping window, map the attributes from a token exchange processor policy to the attributes from an access token manager instance.
Steps
-
Go to Applications → OAuth → Access Token Mapping.
-
In the Context section, from the Context list, select a token exchange processor policy.
-
From the Access Token Manager list, select an access token manager. Click Add Mapping.
Result:
TheAccess Token Mapping configuration window wizard opens.
-
On the Attribute Sources & User Lookuptab, add access token manager attribute sources for contract fulfillment as needed. Click Next.
-
On the Contract Fulfillment tab, select a Source and Value for each attribute. Click Next.
-
On the Issuance Criteria tab, add and specify conditions that attributes must satisfy for PingFederate to exchange the token as needed. Click Next.
-
On the Summary tab, review the access token mapping. Click Done.
Result:
The Access Token Mapping window opens.
-
Click Save.