Managing IdP adapter grant mapping
Use the IdP Adapter Grant Mapping to map authentication source values into persistent grants.
Persistent grants and any associated attributes and their values remain valid until the grants expire or until PingFederate explicitly revokes or cleans them up.
About this task
The USER_KEY
attribute is the identifier of the persistent grants.
The USER_NAME
attribute presents the name shown to the resource owner on OAuth user-facing pages.
If extended attributes are defined in System → OAuth Settings → Authorization Server Settings, configure a mapping for each attribute.
You can optionally set up datastore queries to supplement values returned from the source.
This mapping configuration is suitable for the Authorization Code and Implicit grant types.
Steps
-
Go to Authentication → OAuth → IdP Adapter Grant Mapping and perform one of the following actions.
Action | Steps | ||
---|---|---|---|
Create a mapping |
Select the source of the attributes from the list and click Add Mapping. |
||
Modify an existing mapping |
Select your mapping under Mappings. |
||
Remove an existing mapping or cancel the removal request |
Click Delete or Undelete under Action.
|