PingFederate Server

Managing resource owner credentials grant mapping

Use theResource Owner Credentials Grant Mapping to map values obtained from the password credential validator instance into the persistent grants. Persistent grants and any associated attributes and their values remain valid until the grants expire or until PingFederate explicitly revokes or cleans them up.

About this task

The USER_KEY attribute is the identifier of the persistent grants.

If extended attributes are defined in System → OAuth Settings → Authorization Server Settings, configure a mapping for each attribute.

include::partial$pf_rc_grantmapping_datastorequeries.adoc[tags=pf_ph_grantMapping_dataStoreQueries] This mapping is intended for the Resource Owner Password Credential grant type.

Steps

  1. Go to Authentication → OAuth → Resource Owner Credentials Grant Mapping and perform one of the following actions.

    Action Steps

    Create a mapping

    Select the source of the attributes from the list and click Add Mapping.

    Modify an existing mapping

    Select your mapping under Mappings.

    Remove an existing mapping or cancel the removal request

    Click Delete or Undelete under Action.

    +

    Before removing a mapping from your configuration, ensure that it is not used by your OAuth use cases. Any corresponding entries defined in Applications → OAuth → Access Token Mapping will also be removed.