Selecting client registration policies
Client registration policies can provide additional control over which registrations and configurations are accepted and stored for each client created with the OAuth 2.0 Dynamic Client Registration protocol.
About this task
If multiple policies are configured, PingFederate executes all of them based on the display order. If PingFederate completes the current policy, it moves on to the next policy. Otherwise, PingFederate returns an error message to the developers.
|
PingFederate must complete all policies successfully before a client can be created with the OAuth 2.0 Dynamic Client Registration protocol. |
Steps
-
Go to System → OAuth Settings → Client Registration Policies.
-
Optional: Select a Client Registration Policy instance from the Available Policies list and click Add.
Select this option to add a layer of protection against unwanted client registrations.
If you have not yet defined the desired Client Registration Policy instance, click Manage Client Registration Policies.
-
Optional: Repeat the previous step to add other Client Registration Policy instances.
Add as many Client Registration Policy instances as necessary. Click the up and down arrows to adjust the execution order. Use the Delete and Undelete buttons to remove an existing instance or cancel the removal request.