--- title: Defining policy fragments description: You define policy fragments in the Fragment window. component: pingfederate version: 13.0 page_id: pingfederate:administrators_reference_guide:pf_defining_policy_fragment canonical_url: https://docs.pingidentity.com/pingfederate/13.0/administrators_reference_guide/pf_defining_policy_fragment.html revdate: July 2, 2024 section_ids: before-you-begin: Before you begin steps: Steps --- # Defining policy fragments You define policy fragments in the **Fragment** window. ## Before you begin Make sure that you have configured at least two policy contracts to function as input and output contracts. ## Steps 1. In the **Name** field, type a name for the policy fragment. 2. (Optional) Change the identifier for the fragment. This ID will be used to reference input and output attributes in the advanced Expressions fulfillment option. It cannot be changed after the fragment has been created. 3. (Optional) Type a description for the fragment. 4. (Optional) From the **Inputs** list, select the input authentication policy contract that calling members will need to fulfill. The attributes contained in the contract will be available for use throughout the policy. | | | | - | --------------------------------------------------------------------------- | | | Incoming user ID mapping is restricted to fragments with an input contract. | 5. (Optional) From the **Outputs** list, select the output authentication policy contract that this fragment will fulfill. Calling members will be able to use the values of the attributes contained in the output policy contract. 6. From the **Policy** list, select an IdP adapter, an IdP connection, a selector, or a fragment. (Detailed policy configuration instructions are provided in step 5 in [Defining authentication policies](pf_defining_auth_policies.html).) | | | | - | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | You can select **Fragments** as the policy action and then select a policy fragment that you have created. When you select a fragment, click **Fragment Mapping** and use the in-product help links to access the topics that describe how to configure the mapping. | 1. Click **Options** and select the source and the attribute to be used as the incoming user ID. 2. Click **Rules** and define authentication policy rules using attributes from the previous authentication source or from an earlier step in the policy. For more information, see [Configuring rules in authentication policies](pf_config_rules_auth_policies.html). 3. Configure **Fail** and **Success** paths. For a fragment to succeed, you must map it into a LIP or APC based on the output contract. You can also use a fragment in a calling policy and set both of the fragment's exit Fail/Success nodes to Done. | | | | - | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | The **Copy** and **Paste** feature lets you copy a policy path and paste it into another place in the same policy, another policy, or a policy fragment. After you copy and paste a path, follow the on-screen instructions to correct any errors.One benefit of this feature is that you can easily add a new step at the start or middle of an existing policy. To do that, copy and then remove the existing path below the point where you will define the new step. After you define the new step, paste the copied path back into the policy below the new step. | 7. Click **Save**.