PingFederate Server

JWT Bearer Grant Processors

JSON Web Token (JWT) Bearer Grant Processors are plugins used by identity provider (IdP) connections to process JWT Bearer Grants.

PingFederate uses this type of IdP connection to facilitate user login from MacOS with the Platform SSO Adapter kit. Learn more in Configuring Platform SSO for macOS in the PingOne documentation.

Managing JWT Bearer Grant Processors

Go to Authentication > OAuth > JWT Bearer Grant Processors in the PingFederate admin console to create or manage JWT Bearer Grant Processor instances.

  • Click the name of an existing instance to edit its configuration.

  • Click Check Usage to see which IdP connections are using this processor instance.

  • Click Delete to delete unused instances.

    Instances that are currently in use by an IdP connection can’t be deleted.

Creating a JWT Bearer Grant Processor instance

  1. In the PingFederate admin console, go to Authentication > OAuth > JWT Bearer Grant Processors.

  2. Click Create New Instance.

    Type tab

  3. In the Instance Name field, enter a friendly name for this processor instance.

  4. In the Instance ID field, enter an ID for this processor instance.

    PingFederate uses the ID to identify the processor instance for IdP connections and API requests.

  5. In the Type list, select an available type for this processor instance.

    Select the Mac Platform SSO JWT Bearer Grant Processor instance type to configure the processing required for macOS SSO.

    Learn more in Configuring Platform SSO for macOS in the PingOne documentation.

  6. (Optional) In the Parent Instance list, select an existing processor instance to be the parent instance.

  7. Click Next.

    Instance Configuration tab

  8. In the Mac Platform SSO Adapter Instance list, select a configured adapter instance to associate with this processor instance.

  9. Select one of the following:

    • Click Next to proceed to the Summary tab and review your processor instance.

    • Click Save to save your processor instance and return to the JWT Bearer Grant Processors list.

Result

Your processor instance is available when you select the JWT Bearer Grant Processor connection type when creating an IdP connection. Learn more in Configuring a JWT Bearer Grant Processor Attribute Mapping Instance.