---
title: Managing processor policy grant mapping
description: Use the Processor Policy Grant Mapping window to map token exchange processor policies into persistent grants.
component: pingfederate
version: 13.1
page_id: pingfederate:administrators_reference_guide:pf_managing_processor_policy_grant_mapping
canonical_url: https://docs.pingidentity.com/pingfederate/13.1/administrators_reference_guide/pf_managing_processor_policy_grant_mapping.html
llms_txt: https://docs.pingidentity.com/pingfederate/llms.txt
docs_for_agents: https://developer.pingidentity.com/build-with-ai/docs-for-agents.md
revdate: February 3, 2025
section_ids:
  about-this-task: About this task
  steps: Steps
  related-links: Related links
---

# Managing processor policy grant mapping

Use the **Processor Policy Grant Mapping** window to map token exchange processor policies into persistent grants.

Persistent grants and any associated attributes and their values remain valid until the grants expire or until PingFederate explicitly revokes or cleans them up.

## About this task

The `USER_KEY` attribute is the identifier of the persistent grants.

The `USER_NAME` attribute presents the name shown to the resource owner on OAuth user-facing pages.

If extended attributes are defined in **System > OAuth Settings > Authorization Server Settings**, configure a mapping for each attribute.

You can optionally set up datastore queries to supplement values returned from the source.

This mapping configuration is suitable for the Authorization Code and Implicit grant types.

## Steps

1. Go to **Authentication > OAuth > Token Exchange Processor Policy Grant Mapping** and perform any of the following actions:

   | Action                                                   | Steps                                                                                                                                                                                                                                                                    |
   | -------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
   | Create a mapping                                         | Select the source of the attributes from the list and click **Add Mapping**.                                                                                                                                                                                             |
   | Modify an existing mapping                               | Select your mapping under **Mappings**.                                                                                                                                                                                                                                  |
   | Remove an existing mapping or cancel the removal request | Click **Delete** or **Undelete** under **Action**.&#xA;&#xA;Before removing a mapping from your configuration, ensure that it's not used by your OAuth use cases. Any corresponding entries defined in Applications > OAuth > Access Token Mapping will also be removed. |

## Related links

* [Mapping OAuth attributes](../introduction_to_pingfederate/pf_mapp_oauth_attri.html)