PingFederate Server

Configuring a Client Registration Policy instance

For additional control over clients created with the OAuth 2.0 Dynamic Client Registration protocol, use the Client Registration Policies window to create or modify a Client Registration Policy instance.

Steps

  1. Go to System → OAuth Settings → Client Registration Policies.

    Choose from:

    • To configure a new instance, click Create New Instance.

    • To modify an existing instance, select it under Instance Name.

  2. On the Type tab, enter a name and an ID for a new instance, and then select a plugin from the list.

    When modifying an existing policy plugin instance, you can only change the Instance Name field.

    If the Type list does not contain the desired Client Registration Policy plugin, create one using the PingFederate SDK. For more information, refer to the Javadoc for the DynamicClientRegistrationPlugin interface, the SoftwareStatementValidatorPlugin.java file for a sample implementation, and the SDK developer’s guide for build and deployment information.

    The Javadoc for PingFederate and the sample implementation are in the <pf_install>/pingfederate/sdk directory.

  3. In the Instance Configuration tab, follow the on-screen instructions to configure the Client Registration Policy instance.

    This window varies depending on the selected Client Registration Policy plugin.

  4. On the Summary tab, review the plugin configuration. Click Done.

  5. In the Client Registration Policies window, click Save.

Result

A Client Registration Policy instance is not enforced, or executed as part of the dynamic client registration process, until it is selected on the Client Registration Policies window

.