Mapping a policy contract to multiple use cases
The last step to reuse an authentication policy in multiple service provider (SP) connections is to map the authentication policy contract into the applicable SP connections.
About this task
In general, for identity provider (IdP) browser single sign-on (SSO) use cases, if you select authentication policy contracts in your authentication policies then you must map the authentication policy contracts to the applicable SP connections.
Steps
-
Go to Applications → Integration → SP Connections.
-
Select the applicable SP connection from the list of connections.
-
On the Activation & Summary tab, click Authentication Source Mapping.
-
Click Map New Authentication Policy and use the in-product help on each screen as needed to map the authentication policy contract into the SP connection.
Result
Similarly, to reuse an authentication policy for browser-based OAuth authorization code and implicit flows, map the authentication policy contract to the applicable browser SSO connections and OAuth grant-mapping configuration. For more information, see Managing authentication policy contract grant mapping.